PREVIOUS GNEWS
• Jan 4 Patches – 0 Critical – 6 CVEs
• 9 Patches – 4 Critical – 31+ CVEs
• MS14-005 - Microsoft XML Core Services, Info Disclosure
• MS14-006 - IPv6 Could Allow, DoS
• MS14-007 - Direct2D, Remote Code
• MS14-008 - Microsoft Forefront Protection for Exchange, Remote Code
• MS14-009 - .NET Framework, Privilege Escalation
• MS14-010 - Cumulative Security Update for Internet Explorer
• MS14-011 - VBScript Scripting Engine, Remote Code
Other updates, MSRT, Defender Definitions, Junk Mail Filter
Patch Tuesday
• Oracle, – Jan - 144 fixes
• Adobe– APSB14-04 – Flash Player– APSB14-06 – Shockwave Player
• Apple,– iTunes 11.1.5– Pages 5.1 and 2.1– Boot Camp 5.1
• Cisco– Secure Access Control System, Multiple Vulns– Unified Communications Manager, Multiple Vulns / SQL Injects– NX-OS, Multiple Vulns– TelePresense, Multiple Vulns– MediaSense. Multiple Vulns
Holes / Patches
• POS Malware??
• Something about ATMs
• Windows XP end of support (oh you didn’t know?!) MSRT supported for one year
• Windows 8 on usb – “enterprise license and certified device required”
• Windows 9 “threshold” rumors hitting the streets
• Japenese Nuke Reactor, now with malware
• Starbuck iPhone app stores creds in plaintext
• OpenBSD gets bitcoin donation, keeps lights on
• ThrustVPS gets owned, sends spam
• VPN bypass in JellyBean and KitKat
• Mask
Random
• Vmware buys AirWatch
• AMD 8 core ARM
• Lenovo buys Motorola Mobility
• EU to back door cars by 2020
• CCC sues German Govt
• Tumblr drops transparency report
Corp
Detect Malware Phone Homehttps://www.sans.org/reading-room/whitepapers/detection/approach-detect-malware-call-home-
activities-34480
Google + Integration Opt-Outhttps://www.eff.org/deeplinks/2014/01/how-opt-out-gmails-google-plus-integration
NIST Cyber Security Frameworkhttp://www.nist.gov/cyberframework/upload/cybersecurity-framework-021214.pdf
Papers
Discuss
Tools
• CanSecWest – Mar
• B-Sides Austin – Mar
• Source Boston - Apr
• InfoSec SouthWest – Apr
• ThotCon – Apr
• Hope X - Jul
• Defcon – Aug
• ToorCon - Oct
• B-Sides DFW – Nov
• CCC - Dec
Cons
DC214
TX2600
NAISG
DHA
Crypto Party
LockPick DFW
The Lab.MS
Dallas MakerSpace
ISSA North Texas
ISSA Cowtown
Local
All images scavenged without permission
All images scavenged without permission