Stay updated on the latest cybersecurity news, including patch releases, vulnerabilities, data breaches, upcoming conferences, and industry acquisitions. Get insights into the latest threats and developments.
Patch Tuesday
• Feb – 1 Patches – 1 Critical – 13 CVEs
  • MS17-005 - Adobe Flash Player, Remote Code
• Mar – ? Patches – ? Critical – ? CVEs
Holes / Patches
• VMware
  • VMSA-2017-0002 (1 CVE)
    • Horizon DaaS, data validation
• Android
  • 2017-02-01 (23 CVE)
  • 2017-02-05 (35 CVE)
  • 2017-03-01 (34 CVE)
  • 2017-03-05 (71 CVE)
• Bind (DNS64 & RPZ)
• Cisco NetFlow (SCTP packet validation)
• F5 “TicketBleed”
• Cloudflare “CloudBleed”
• Oracle
  • Due in April
• Adobe
  • APSB17-04 Flash Player (13 CVE)
  • APSB17-05 Digital Editions (9 CVE)
  • APSB17-06 Campaign (2 CVE)
• Apple
  • Logic Pro X 10.3.1 (1 CVE)
  • GarageBand 10.1.6 (1 CVE)
• MS GDI Library (multi-vuln, gdi32.dll)
• Nexpose Console (hardcoded java passphrase)
Hacking
• Macs now with macro malware
• Malicious iframes in Google Play
• Dharma keys exposed
• IoT bug bounty
• SHA1 collision
Corp
• Linux 4.10
• Uber CA
• Cyber Threat Alliance
• Bitcoin sets another all time high $1,172.09
• sophos buys invincea (anti-malware)
• mozilla buys Pocket (to make open source)
• Walmart buys moosejaw (outdoor outfitters)
• palo buys lightcyber (behavioral)
• square buys orderahead (online call-ahead)
• okta acquires stormpath (identity api)
• ca acquires veracode (app sec)
Corp
• arbys popped
• coachella popped
• cloudpets, Bad Teddy
• boeing employee breach
• aptos popped
Govt
• FCC zero rating investigation halted
• FCC suspends ISPs data security rules
• AZ/TN to enact CRA against privacy protection?
• H.R 387 Email Privacy Act passed, now to the senate
• OR to push for warrants for border searches
• FBI guide on “spot the terrorist”
• DHS drops new NCIRP (response plan)
• MS transparency case (gags violate 1st amendment)
• MD to make ransomware illegal
• Let's legislate NIST metrics?
• hack back?
• DOJ dismisses PlayPen case
Papers
PCI council MFA guidance
https://www.pcisecuritystandards.org/pdfs/PCI_SSC_Issues_Multi-Factor_Authentication_Guidance.pdf
Expose all the things
https://www.trendmicro.com/vinfo/us/security/news/internet-of-things/us-cities-exposed-in-shodan
OSX for forensics
https://www.sans.org/reading-room/whitepapers/forensics/os-forensic-platform-37637
TOR Browser artifacts in win10
https://www.sans.org/reading-room/whitepapers/forensics/tor-browser-artifacts-windows-10-37642
WTF
Dominos Wedding Registry
Phone as ATM
Tools
IMF - ctf
Netflix Stethoscope - user device information
Best of 2016 - top 10 list
E2EMail - chrome extension for pgp
ReBreakCaptcha - Captcha bypass
HackerOne CE - bug bounty platform
Vault 7 - leaked cia tool
Future Cons
CanSecWest, 15-17 Mar
Hou.Sec.Con 7.0, 23 Mar
BSides OK, 23-24 Mar
SANS PenTest Austin, 27 Mar-01 Apr
Women in Cybersecurity, 31 Mar-01 Apr
InfoSec Southwest, 07-08 Apr
BSides Nashville, 22 Apr
BSidesAustin, 4-5 May
Circle City Con Indy, 9-11 Jun
DHA @Dallas_Hackers ( 1st Wednesday / Family Karaoke, Dallas )
TX2600 @dallas2600 ( 1st Fri / Wild Turkey 35&WalnutHill, Dallas )
The Lab.MS @TheLab_ms ( 2nd Saturday + random events / TheLab.ms, Plano )
ISSA Fort Worth @ISSAFortWorth ( 2nd Tuesday / location varies )
Fort Worth Crypto Party ( 2nd Tuesday ? / The Maker Spot, N. Richland Hills )
Hack Ft Worth @Hack_FtW ( 3rd-ish Tuesday / Buffalo West, Fort Worth )
OWASP Dallas @OWASPDallas ( 3rd Tuesday / location varies )
Crypto Party DFW @CryptoPartyDFW ( 3rd Thursday / TheLab.ms, Plano )
North Texas Cyber Security Group @ntxcsg ( Last Thursday, Jakes, Frisco )
Dallas MakerSpace @dallasmakers ( Random events / Carrollton )
Lock Pick DFW @LockPickDFW ( Last Monday / Sherlocks Arlington )
All images scavenged without permission