slide1 n.
Download
Skip this Video
Loading SlideShow in 5 Seconds..
PREVIOUS PowerPoint Presentation
Download Presentation
PREVIOUS

Loading in 2 Seconds...

play fullscreen
1 / 15

PREVIOUS

0 Views Download Presentation
Download Presentation

PREVIOUS

- - - - - - - - - - - - - - - - - - - - - - - - - - - E N D - - - - - - - - - - - - - - - - - - - - - - - - - - -
Presentation Transcript

  1. GNEWS PREVIOUS

  2. Patch Tuesday • Mar – 13 Patches – 6 Critical – 30 CVEs • MS16-037 - Cumulative Security Update for IE • MS16-038 - Cumulative Security Update for Microsoft Edge • MS16-039 - Microsoft Graphics Component • MS16-040 - Microsoft XML Core Services • MS16-041 - .NET Framework • MS16-042 - Microsoft Office • MS16-044 - Windows OLE • MS16-045- Windows Hyper-V • MS16-046 - Secondary Logon • MS16-047 - SAM and LSAD Remote Protocols • MS16-048 - CSRSS • MS16-049 - HTTP.sys • MS16-050 - Adobe Flash Player

  3. Holes / Patches • VMWare • VMSA-2016-0003 ( 2 CVE) • XSS in vRealize Automation • x • Oracle • Due April 19th • Adobe • APSA16-01 Flash Player ( 1 CVE) • APSB16-10 Flash Player ( 24 CVE) • APSB16-11 Creative Cloud ( 1 CVE) • APSB16-12 RoboHelp ( 1 CVE) • Apple • iOS 9.3 / 9.3.1 ( 38 CVE) • watchOS 2.2 ( 34 CVE) • tvOS 9.3 ( 23 CVE) • Xcode 7.3 ( 3 CVE) • OSX Security Update 2016-002 ( 59 CVE) • Safari 9.1 ( 11 CVE) • OSX Server 5.1 ( 4 CVE) • iBooks Author 2.4.1 ( 1 CVE)

  4. Holes / Patches • Apple System Integrity Protection (SIP) bypass • Badlock warning is bad • Preannounce vs responsible disclosure vs full disclosure • Ms16-047 • Adobe 0-day • CVE-2016-1010 • CVE-2016-1019 • Bad Java Patch • Sandbox bypass • OpenSSH • Info Disclosure • Symantec Endpoint Protection (SEP) • SEPM, XSS and SQL Injection • SysPlant.sys driver, code execution • Apple iMessage • Crypto weakness (patched in 9.3)

  5. Hacking • ios worm • FB account take over • Finger printing based on mouse usage • prime patterns • DDR4 suseptible to rowhammer • surveilence as art • usb thief - portable app sidecar • ransomware going fileless • Security Cams Pre-Infected with malware • Windows 10 “Blue Screen” now with QR Codes

  6. EFA Launched • eero - wifi mesh router • landesk to buy appsense • google doubles chromebook bounty • uber bug bounties • amex 3rd party breach • 1800 flowers hacked • verizon breached • CBS Sports App leaks personal data • Wordpress.com HTTPS for all! Corp

  7. 3rd party access method • Whatsapp is next? • CVE backlog • Darpa improv • lavabit = snowden • fbi delay / drop case with apple • “One Time” request moves to NY • breakdown of intell sharing restrictions • HR.2666 Threat to Net Neutrality? • Burr Feinstein anti-crypto bill • FBI modifies data redaction rules Govt

  8. mimikatz intro https://www.sans.org/reading-room/whitepapers/forensics/mimikatz-overview-defenses-detection-36780 imperva cryptowall report http://www.imperva.com/docs/IMPERVA_HII_CryptoWall_report.pdf imperva web app report https://www.imperva.com/docs/HII_Web_Application_Attack_Report_Ed6.pdf Cisco Talos RansomWare Report http://blog.talosintel.com/2016/04/ransomware.html#toc Papers

  9. hackers misspell foundation

  10. pafish v0.57 - malware analysis lynis v2.2.0 - unix security audit tool nmap 7.11 IIS Crypto - manage ciphers on windows iis AutoNessus - (python nessusapi) automate scanner tasks Tools

  11. Past Cons • CanSecWest – Vancouver 16-18 Mar • B-Sides Austin- 31-1 Mar-Apr • InfoSec Southwest– Austin 8-10 Apr • B-Sides OK – 09 Apr

  12. Future Cons • B-Sides Nashville – 16 Apr • ThotCon 0x7 – Chicago 5-6 May • B-Sides - San Antonio 21 May • Circle City Con – Indianapolis 10-12 Jun • SANS DFIR Summit – Austin 23-30 Jun • SANS San Antonio – 18-23 Jul • Hope 11 – NYC 22-24 Jul • BlackHat – Vegas 30 Jul – 4 Aug • BSidesLV – Vegas 2-3 Aug • DefCon 24 – Vegas 4 – 7 Aug • SANS Dallas – 8 – 13 Aug • OWASP CFP Open – DC 11-14 Oct

  13. DHA ( 1st Wednesday / Family Karaoke, dallas) TX2600 ( 1st Fri / Wild Turkey 35&WalnutHill, dallas ) The Lab.MS ( 2ndMonday + random events / TheLab.ms, plano) OWASP Dallas ( 3rdTuesday / location varies ) Crypto Party ( 3rd Thursday / Improving Enterprises, addison) National Information Security and Assurance Group ( 4th Thursday, Jakes, Frisco ) Dallas MakerSpace ( Random events / carrollton)

  14. All images scavenged without permission All images scavenged without permission