
PREVIOUS GNEWS. Feb - 9 Patches – 3 Critical - 55 CVEs MS15-009 - Update for Internet Explorer...

Date post: 26-Dec-2015
Upload: opal-neal
Transcript
Page 1: PREVIOUS GNEWS. Feb - 9 Patches – 3 Critical - 55 CVEs MS15-009 - Update for Internet Explorer MS15-010 - Windows Kernel-Mode Driver, Remote Code MS15-011.

PREVIOUS GNEWS

Page 2: Patch Tuesday

• Feb - 9 Patches – 3 Critical - 55 CVEs
• MS15-009 - Update for Internet Explorer
• MS15-010 - Windows Kernel-Mode Driver, Remote Code
• MS15-011 - Group Policy, Remote Code
• MS15-012 - Microsoft Office, Remote Code
• MS15-013 - Microsoft Office, Security Bypass
• MS15-014 - Group Policy, Security Bypass
• MS15-015 - Microsoft Windows, Privilege Escalation
• MS15-016 - Microsoft Graphics Component, Info Disclosure
• MS15-017 - Virtual Machine Manager, Privilege Escalation

Other updates, MSRT, Defender Definitions, Junk Mail Filter

Page 3: Holes / Patches

• Oracle
  – 159 CVEs
  – 8 Virtual Box
  – 9 MySQL
  – 19 Java
• Adobe
  – APSA15-02 – Flash Player (1)
  – APSA15-02 – Flash Player (1)
  – APSB15-03 – Flash Player (1)
  – APSB15-03 – Flash Player (2)
  – APSB15-04 – Flash Player (18)
• Apple
  – Apple TV 7.0.3
  – iOS 8.1.3
  – Safari 8.0.3, 7.1.3, 6.2.3
  – OSX 10.10.2
  – Security Update 2015-001
• Cisco
  – IOS Kernel Timer
  – Unified IP Phone 9900 multi-vuln
  – WebEx Meetings Server multi-vuln
  – AnyConnect xss
• VMWare
  – VMSA-2015-001 – vSphere cert validation (1)
  – VMSA-2015-002 – ESXi, WorkStation, Player, Fusion (8, openssl)
• VLC Player
  – XP Only, DEP violation / write access
• Verizon MyFIOS app
  – Email account exposure

Page 4: Hacking

• GE SCADA switches have hard coded SSL key
• GmbH Harts multiple vulns
• Schneider more patches
• Schneider hardcoded passwds
• Daktronics hardcoded passwds
• Siemens Simatic PLC, patches
• Gas Station Hacking
• malware goes airborne
• KL-Remote
• AirPort Parking
• Progressive SnapShot
• McAfee ATD sandbox bypass
• look ma, i rooted the microwave
• router bricks
• godaddy

Page 5: Hacking

• istegsiri
• lizardsquad dos stressor bugs
• Mozilla meta referrer
• tesla keyless start
• Apple 0-days
• fix for thunderbolt?
• android wifi direct
• GNU C Library
• blackphone bug
• adobe 0-day
• outlook app launched and shot
• BMW remote unlock
• ie xss 0-day
• Pirelli home routers vulnerable
• angler exploit kit

Page 6: CORP

• Verizon / Turn UIDH (perma cookie)
• EFF Helpful App List
• Cookie program to be disbanded
• Google project zero drops two more bugs for MS
• Blue Cross TN uses data without consent
• Park N Fly (used at DFW)
• plex streaming on PS3/4
• ThreatStream Optic and Maltego plugin
• BitCoin comes to POS
• Bitcoin now on wall street
• windows 10 claims to be last upgrade ever
• Ships
• MasterCard, accepted everywhere, and now in cuba
• WingStop GP hacked
• Facebook censorship

Page 7: Corp

• MS backs cyanogen??
• cause what can go wrong with wireless?
• reddit transparency report
• Bye Bye RadioShack, thanks for all the signals
• Anthem 80 million breach
• GPG gets cash infusion
• Cheezburger transparency report
• turbo tax freezes state filing

Page 8: Govt

• CFAA amendment
• Rise Up https://help.riseup.net/en/about-us
• Google and PWC to host .mil HIE
• ENISA EU Threat Report
• How does payment assistance really work?
• brits label journalists as threats
• barret brown - 63 months
• cops don't like trackers
• death of opt-in GPS??
• ToR 80% pedo
• rebirth of bad SAVE Act
• more on patriot expiration
• Canarywatch.org
• FCC Title ii
• DARPA Memex

Page 9: Papers

Crypto Currency block chain
http://radar.oreilly.com/2015/01/understanding-the-blockchain.html

more blockchain talk
http://radar.oreilly.com/2015/01/the-3ps-of-the-blockchain-platforms-programs-and-protocols.html
http://coincenter.org/2015/01/reporting-back-blockchain-workshops-mit-harvard/

Automated Defense - Using Threat Intelligence to Augment
https://www.sans.org/reading-room/whitepapers/threats/automated-defense-threat-intelligence-augment-35692

State of The Union Transcript
http://www.securityorb.com/transcript-president-barack-obamas-state-union-speech

Regin analysis
http://securelist.com/blog/research/68438/an-analysis-of-regins-hopscotch-and-legspin/

NSA best practices
https://www.nsa.gov/ia/_files/factsheets/Defending_Against_Destructive_Malware.pdf

NIST Crypto Guide
http://www.healthcareinfosecurity.com/nist-revises-crypto-standards-guide-a-7831
http://csrc.nist.gov/publications/drafts/nistir-7977/nistir_7977_second_draft.pdf

NIST Mobile Applications
http://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-163.pdf

Page 10: Papers

Scada history?
https://www.sans.org/reading-room/whitepapers/physical/abbreviated-history-automation-industrial-controls-system-cybersecurity-35697

Cisco 2015 security report
http://www.cisco.com/web/offers/pdfs/cisco-asr-2015.pdf

MS info sharing guidelines
http://blogs.microsoft.com/cybertrust/2015/01/27/putting-information-sharing-into-context/

RSA Report
http://www.emc.com/collateral/fraud-report/h13929-rsa-fraud-report-jan-2015.pdf?M=125EAA47-0C46-43EA-8607-9FACA6B1C627

Detecting coin miners
https://www.sans.org/reading-room/whitepapers/threats/detecting-crypto-currency-mining-corporate-environments-35722

The Integration of Information Security to FDA and GAMP 5 Validation Processes
https://www.sans.org/reading-room/whitepapers/policyissues/integration-information-security-fda-gamp-5-validation-processes-35732

Ed Markey Senate report
http://www.markey.senate.gov/imo/media/doc/2015-02-06_MarkeyReport-Tracking_Hacking_CarSecurity%202.pdf

Page 11: WTF!?

CASL

"It is now illegal to install programs, such as malware, on someone's computer without consent."

http://www.fightspam.gc.ca/eic/site/030.nsf/eng/home

Page 12: Tools

Flink (hadoop like analysis engine)
https://flink.apache.org/

PHP 5.6.5
http://php.net/

R shinydashboard
http://rstudio.github.io/shinydashboard/

Hound (source code search)
https://github.com/etsy/Hound

GParted
http://gparted.sourceforge.net/

Army Dshell (forensics)
https://github.com/USArmyResearchLab/Dshell

capstone 3.0.1 (disassembly)
http://capstone-engine.org/Version-3.0.1.html

NST 20-6535 / Kali 1.1.0

Page 13: Cons Past

• Guide
• http://securityintelligence.com/guide-to-2015-conferences-and-events-for-security-professionals
• Hack In Paris 2015 CFP
• Shmoo
• cottonmouth-1 vs turnipschool (usb cable)
• IE Heap protection bypass
• Shmoo videos
• https://archive.org/details/shmoocon-2015-videos-playlist
• HITB
• white-paper-using-intel-txt-attack-bioses
• white-paper-extreme-privilege-escalation-windows-8uefi-systems

Page 14: Cons Future

• B-Sides Austin 12 – 13 Mar
• CanSecWest 18 - 20 Mar
• InfoSec Southwest 10 – 12 Apr
• B-Sides Nashville 11 Apr
• B-Sides San Antonio ? May
• ThotCon 0x6 14 – 15 May
• PenTest Austin (SANS) 18 – 23 May
• DefCon 23 6 – 9 Aug

Page 15: Local

DHA (1st Wednesday / Tavern on Main, richardson)

TX2600 (1st Fri / Wild Turkey 35&WalnutHill, dallas)

(1st Fri / 1418 Coffeehouse, plano)

The Lab.MS (2nd Monday / varies, plano)

Crypto Party (3rd Thursday / Improving Enterprises, addison)

NAISG (4th Thursday / CrossPointe Theatre, carrollton)

LockPick DFW (Last Monday / looking for new spot, dallas)

Dallas MakerSpace (Random / carrollton)

Page 16: All images scavenged without permission

