PREVIOUS GNEWS
description
Transcript of PREVIOUS GNEWS
PREVIOUS GNEWS
• 8 Patches – 6 Critical – 19+ CVEs
• Affected – Kernel, AD, Exchange, Unicode, ICMP
• MS13-059 - Security Update for Internet Explorer, Remote Code
• MS13-060 - Unicode Scripts Processor, Remote Code
• MS13-061 - Microsoft Exchange Server, Remote Code
• MS13-062 - Remote Procedure Call, Privilege Escalation
• MS13-063 - Windows Kernel, Privilege Escalation
• MS13-064 - Windows NAT Driver, DoS
• MS13-065 - ICMPv6, DoS
• MS13-066 - Active Directory Federation Services, Information Disclosure
Other updates, MSRT, Defender Definitions, Junk Mail Filter
Patch Tuesday
• Oracle, 89+ CVEs 27 remotely executable– 6 DB, 21 Fusion, 18 MySQL
• Adobe– APSB13-20 – Adobe Digital Editions
• Apple,– nothing
• Cisco– IOS XR Internet Control Protocol, DoS– TelePresence, Default Creds– CiscoWorks, Remote Code– WebEx, Multiple– Unified Communications, Multiple– Video Surveillance Manager, Multiple
Holes / Patches
• femotcells
• 16 core "rasberry competitor"
• 19 Chrome extensions for PenTesting
Hacking
• what's old is new, Kremlin goes old school with typewriters
• apple dev breached
• Cisco to buy Sourcefire
Corp
• UK rubbish bins collecting smartphone data
Legal
Papers• Tracking How it works, How it can be avoided• http://resources.infosecinstitute.com/means-and-methods-of-web-tracking-its-effects-on-
privacy-and-ways-to-avoid-getting-tracked/
• NIST BioMeteric guidance.• www.nist.gov/customcf/get_pdf.cfm?pub_id=914224
• DropSmack• https://media.blackhat.com/eu-13/briefings/Williams/bh-eu-13-dropsmack-jwilliams-slides.pdf
CON Events• defcon cellular ids
• Presentation CD
• http://contagiodump.blogspot.com/2013/08/defcon-21-archives-speaker-materials.html
• Password Cracking Contest
• DC214 Street Team – faced technical difficulties and still comes in 6° out of 8.
• Network Forensics contest
• DC214 Street Team – started 24 hours behind, 2 man team is one of 10 teams to complete all tasks, and still comes 8° place using all open source tools.
All images scavenged without permission
All images scavenged without permission