1 / 14

PREVIOUS GNEWS

PREVIOUS GNEWS. Patch Tuesday. ? Patches – ? Critical – ? CVEs Affected – ? Other updates, MSRT, Defender Definitions, Junk Mail Filter. Holes / Patches. Oracle, 128 fixes 42 just for Java Adobe none Apple, Safari 6.0.4 Java Cisco

teresa
Download Presentation

PREVIOUS GNEWS

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. PREVIOUS GNEWS

  2. Patch Tuesday • ? Patches – ? Critical – ? CVEs • Affected – ? • Other updates, MSRT, Defender Definitions, Junk Mail Filter

  3. Holes / Patches • Oracle, 128 fixes • 42 just for Java • Adobe • none • Apple, • Safari 6.0.4 • Java • Cisco • Unified Communications, multiple • Prime Central, multiple • NX-OS, multiple • IOS, multiple • ASA, multiple

  4. Holes / Patches • IE • Apache

  5. Hacking • car chargers • bing for malware • FB Home, it's inevitable • FAA denies airplane hack could work • NJ Senator calls for investigation • apple pirate store • anonymous news site • google glass jail broken

  6. Corp • Can we get a desktop please • malwarebytes screws the pooch • Japan asks ISPs to block tor • Avast launches bug bounty program • NASA sponsored global hackathon • Criagslist • eff star chart • google big data on wheels

  7. Corp • EA Games mines all your bit coins • FTC calls for andriod patch investigation • McAfee to buy stonesoft • Bittorrent Sync

  8. Legal • CISPA • CISPA ammendment approved in house • CISPA killed in senate • CFAA stalled for now • pirate bay founder on theft / hacking charges • WIPO broadcast treaty • no hack hacking • force taps • dutch my open door for cop hack back

  9. Papers • Snort OSSIM integration • http://blog.snort.org/2013/04/integrating-snort-and-alienvault-ossim.html • analyzing h323 traffic. • https://www.sans.org/reading_room/whitepapers/protocols/analyzing-polycom-video-conference-traffic_34167 • exploiting soho routers • http://securityevaluators.com//content/case-studies/routers/soho_router_hacks.jsp • use of IOC • https://www.sans.org/reading_room/whitepapers/incident/ioc-indicators-compromise-malware-forensics_34200 • Firewall review • https://www.sans.org/reading_room/whitepapers/auditing/methodology-firewall-reviews-pci-compliance_34195 • MS intell report • http://www.microsoft.com/security/sir/default.aspx • verizon data breach report • http://www.verizonenterprise.com/DBIR/2013/

  10. Papers • Symantec threat report • https://www.symantec.com/security_response/publications/threatreport.jsp • NIST Update Special Publication 800-53, Revision 4: Security and Privacy Controls for Federal Information Systems and Organizations • http://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-53r4.pdf • UEFI hacking • https://www.sans.org/reading_room/whitepapers/services/analysis-building-blocks-attack-vectors-unified-extensible-firmware_34215 • mobile malware lab • http://resources.infosecinstitute.com/portable-malware-lab-for-beginners/ • bitcoin 101 • http://resources.infosecinstitute.com/how-to-profit-illegally-from-bitcoin-cybercrime-and-much-more/ • search engine hacking • http://resources.infosecinstitute.com/search-engine-hacking-manual-and-automation/rr

  11. tools pentesting http://it.toolbox.com/blogs/securitymonkey/excellent-web-pentesting-education-materials-and-free-55541?rss=1 google inactive account manager http://nakedsecurity.sophos.com/2013/04/15/google-data-after-you-die disconnect 2 https://disconnect.me/ lynis http://www.unixmen.com/audit-the-security-of-your-unixlinux-systems-using-lynis/ windows debugg http://www.smidgeonsoft.prohosting.com/software.html REMnux http://zeltser.com/remnux/ ibm homo encryption http://news.hitb.org/content/ibm-takes-big-new-step-cryptography-practical-homomorphic-encryption debian 7.0

  12. WTF • Ooops

  13. CON Events carolina con http://it.toolbox.com/blogs/securitymonkey/macgyveresque-weapon-building-in-airports-55540?rss=1 shmoo vids http://it.toolbox.com/blogs/securitymonkey/did-you-miss-shmoocon-2013-videos-are-online-55539?rss=1 HITB Amsterdam http://conference.hitb.org/hitbsecconf2013ams/materials/FB0auth http://news.hitb.org/content/story-9500-bug-facebook-oauth-20 http://conference.hitb.org/hitbsecconf2013ams/materials/D2T1%20-%20Andrey%20Labunets%20and%20Egor%20Homakov%20-%20OAuth%202.0%20and%20the%20Road%20to%20XSS.pdf infiltrate 2013 http://infiltratecon.com/ root-66 root-66.org breakpoint 2013 call for papers http://www.ruxconbreakpoint.com/

  14. All images scavenged without permission All images scavenged without permission

More Related