1 / 15

PREVIOUS

GNEWS. PREVIOUS. Patch Tuesday. Mar – 13 Patches – 6 Critical – 30 CVEs MS16-037 - Cumulative Security Update for IE MS16-038 - Cumulative Security Update for Microsoft Edge MS16-039 - Microsoft Graphics Component MS16-040 - Microsoft XML Core Services

erinn
Download Presentation

PREVIOUS

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript


  1. GNEWS PREVIOUS

  2. Patch Tuesday • Mar – 13 Patches – 6 Critical – 30 CVEs • MS16-037 - Cumulative Security Update for IE • MS16-038 - Cumulative Security Update for Microsoft Edge • MS16-039 - Microsoft Graphics Component • MS16-040 - Microsoft XML Core Services • MS16-041 - .NET Framework • MS16-042 - Microsoft Office • MS16-044 - Windows OLE • MS16-045- Windows Hyper-V • MS16-046 - Secondary Logon • MS16-047 - SAM and LSAD Remote Protocols • MS16-048 - CSRSS • MS16-049 - HTTP.sys • MS16-050 - Adobe Flash Player

  3. Holes / Patches • VMWare • VMSA-2016-0003 ( 2 CVE) • XSS in vRealize Automation • x • Oracle • Due April 19th • Adobe • APSA16-01 Flash Player ( 1 CVE) • APSB16-10 Flash Player ( 24 CVE) • APSB16-11 Creative Cloud ( 1 CVE) • APSB16-12 RoboHelp ( 1 CVE) • Apple • iOS 9.3 / 9.3.1 ( 38 CVE) • watchOS 2.2 ( 34 CVE) • tvOS 9.3 ( 23 CVE) • Xcode 7.3 ( 3 CVE) • OSX Security Update 2016-002 ( 59 CVE) • Safari 9.1 ( 11 CVE) • OSX Server 5.1 ( 4 CVE) • iBooks Author 2.4.1 ( 1 CVE)

  4. Holes / Patches • Apple System Integrity Protection (SIP) bypass • Badlock warning is bad • Preannounce vs responsible disclosure vs full disclosure • Ms16-047 • Adobe 0-day • CVE-2016-1010 • CVE-2016-1019 • Bad Java Patch • Sandbox bypass • OpenSSH • Info Disclosure • Symantec Endpoint Protection (SEP) • SEPM, XSS and SQL Injection • SysPlant.sys driver, code execution • Apple iMessage • Crypto weakness (patched in 9.3)

  5. Hacking • ios worm • FB account take over • Finger printing based on mouse usage • prime patterns • DDR4 suseptible to rowhammer • surveilence as art • usb thief - portable app sidecar • ransomware going fileless • Security Cams Pre-Infected with malware • Windows 10 “Blue Screen” now with QR Codes

  6. EFA Launched • eero - wifi mesh router • landesk to buy appsense • google doubles chromebook bounty • uber bug bounties • amex 3rd party breach • 1800 flowers hacked • verizon breached • CBS Sports App leaks personal data • Wordpress.com HTTPS for all! Corp

  7. 3rd party access method • Whatsapp is next? • CVE backlog • Darpa improv • lavabit = snowden • fbi delay / drop case with apple • “One Time” request moves to NY • breakdown of intell sharing restrictions • HR.2666 Threat to Net Neutrality? • Burr Feinstein anti-crypto bill • FBI modifies data redaction rules Govt

  8. mimikatz intro https://www.sans.org/reading-room/whitepapers/forensics/mimikatz-overview-defenses-detection-36780 imperva cryptowall report http://www.imperva.com/docs/IMPERVA_HII_CryptoWall_report.pdf imperva web app report https://www.imperva.com/docs/HII_Web_Application_Attack_Report_Ed6.pdf Cisco Talos RansomWare Report http://blog.talosintel.com/2016/04/ransomware.html#toc Papers

  9. hackers misspell foundation

  10. pafish v0.57 - malware analysis lynis v2.2.0 - unix security audit tool nmap 7.11 IIS Crypto - manage ciphers on windows iis AutoNessus - (python nessusapi) automate scanner tasks Tools

  11. Past Cons • CanSecWest – Vancouver 16-18 Mar • B-Sides Austin- 31-1 Mar-Apr • InfoSec Southwest– Austin 8-10 Apr • B-Sides OK – 09 Apr

  12. Future Cons • B-Sides Nashville – 16 Apr • ThotCon 0x7 – Chicago 5-6 May • B-Sides - San Antonio 21 May • Circle City Con – Indianapolis 10-12 Jun • SANS DFIR Summit – Austin 23-30 Jun • SANS San Antonio – 18-23 Jul • Hope 11 – NYC 22-24 Jul • BlackHat – Vegas 30 Jul – 4 Aug • BSidesLV – Vegas 2-3 Aug • DefCon 24 – Vegas 4 – 7 Aug • SANS Dallas – 8 – 13 Aug • OWASP CFP Open – DC 11-14 Oct

  13. DHA ( 1st Wednesday / Family Karaoke, dallas) TX2600 ( 1st Fri / Wild Turkey 35&WalnutHill, dallas ) The Lab.MS ( 2ndMonday + random events / TheLab.ms, plano) OWASP Dallas ( 3rdTuesday / location varies ) Crypto Party ( 3rd Thursday / Improving Enterprises, addison) National Information Security and Assurance Group ( 4th Thursday, Jakes, Frisco ) Dallas MakerSpace ( Random events / carrollton)

  14. All images scavenged without permission All images scavenged without permission

More Related