1 / 11

PREVIOUS GNEWS

PREVIOUS GNEWS. Patch Tuesday. July - 6 Patches – 2 Critical - 27 CVEs MS14-037 - Cumulative Security Update for IE, Remote Code MS14-038 – Windows Journal, Remote Code MS14-039 – On-Screen Keyboard, Privilege Escalation

kent
Download Presentation

PREVIOUS GNEWS

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. PREVIOUS GNEWS

  2. Patch Tuesday • July - 6 Patches – 2 Critical - 27 CVEs • MS14-037- Cumulative Security Update for IE, Remote Code • MS14-038 –Windows Journal, Remote Code • MS14-039 –On-Screen Keyboard, Privilege Escalation • MS14-040 –Ancillary Function Driver (AFD), Privilege Escalation • MS14-041 –Direct Show, Privilege Escalation • MS14-042 –Microsoft Service Bus, DoS • Other updates, MSRT, Defender Definitions, Junk Mail Filter

  3. Holes / Patches • Rosetta Flash • APSB14-17 • Cisco VOIP hijack with default SSH key • CVE-2014-2198 • Oracle • Due 15th July • Adobe • APSB14-16 Adobe Flash Player • APSB14-17 Adobe Flash Player • Apple, • OS X 10.9.4 • iOS 7.1.2 • Apple TV 6.2 • Safari 6.1.5 / 7.0.5 • Cisco • SPA300 and SPA500 IP Phones • IOS IPSecDoS • Intelligent Automation for Cloud • Unified Communications / Webex

  4. Hacking • MS bugs  Security Essentials / Forefront - win32k.sys • CVE-2014-2779 • bitcoin decentralization • Fun with Nest • Android Keystore • MHN – Modern Honey Network • Mini-er, stealthier, skimmier. Even smaller ATM skimmers found in EU • LIFX smart light bulb exposes wifi passwords (pre-shared key) • Lite Zeus (128bit AES) • Malware targeting energy companies

  5. Papers Scada honeypot https://www.sans.org/reading-room/whitepapers/detection/designing-implementing-honeypot-scada-network-35252 WireShark http://news.hitb.org/content/malware-targeting-energy-companies-usa-and-europe IR in MS SQL http://news.hitb.org/content/malware-targeting-energy-companies-usa-and-europe

  6. Govt • TSA non-bootable device rule

  7. Corp • Malwarebyteslaunches Anti-Exploit • cloudflarebuys cryptoseal • MS Interflow (information exchange)

  8. Tools CoreOS

  9. Cons • Hope X - Jul • Defcon – Aug • B-Sides Memphis – Sep 13 Multiple DC214 speakers • ToorCon – Oct • B-Sides Houston - Oct • B-Sides DFW – Nov

  10. Local DHA ( 1st Wednesday / Allen Wicker Pub, plano) TX2600 ( 1st Fri / Wild Turkey 35&WalnutHill, dallas ) (1st Fri / 1418 Coffeehouse, plano) The Lab.MS ( 2nd Monday / Allen Wicker Pub, plano) Crypto Party ( 3rd Thursday / Improving Enterprises, addison) NAISG ( 4th Thursday / CrossPointe Theatre, carrollton ) LockPick DFW ( Last Monday / Trinity Hall, dallas ) Dallas MakerSpace Random / carrollton

  11. All images scavenged without permission All images scavenged without permission

More Related