PREVIOUS GNEWS


Transcript of PREVIOUS GNEWS

Page 1: PREVIOUS GNEWS

PREVIOUS GNEWS

Page 2: PREVIOUS GNEWS

Patch Tuesday

• 13 Patches – 6 Critical – 57-ish CVEs

• Affected – IE, .NET, Kernel, TCP/IP, Exchange,…..

Other updates, MSRT, Defender Definitions, Junk Mail Filter

– MS13-008 – IE out of band, Remote Code
– MS13-009 – Cumulative Update for Internet Explorer, Remote Code
– MS13-010 - Vector Markup Language, Remote Code
– MS13-011 - Media Decompression, Remote Code
– MS13-012 - Microsoft Exchange Server, Remote Code
– MS13-013 - FAST Search Server 2010 for SharePoint Parsing, Remote Code
– MS13-014 - NFS Server, DoS
– MS13-015 - .NET Framework, Privilege Escalation
– MS13-016 - Windows Kernel-Mode Driver, Privilege Escalation
– MS13-017 - Windows Kernel, Privilege Escalation
– MS13-018 - TCP/IP, DoS
– MS13-019 - Windows Client/Server Run-time Subsystem (CSRSS), Privilege Escalation
– MS13-020 - OLE Automation, Remote Code Execution

Page 3: PREVIOUS GNEWS

Holes / Patches

• Oracle, 86 Fixes

• Adobe
– APSB13-03 – ColdFusion 4 CVEs
– APSB13-04 – Adobe Flash Player 2 CVEs
– APSB13-05 – Adobe Flash Player 17 CVEs
– APSB13-06 – Adobe Shockwave Player 2 CVEs

• Apple
– iOS 6.1 (27 patches)
– Apple TV 5.2
– Java for OSX 10.6 Update 12
– OSX Server v2.2.1

• Cisco
– NAC Appliance, XSS
– Cisco Nexus 7000 M1-Series, DoS
– Unity Express, multiple vulns
– Wireless LAN Controllers, multiple vulns

Page 4: PREVIOUS GNEWS

Holes / Hacking

• iOS 6 jailbreak, 7mil install in 4 days

• Juniper JUNOS DoS

• Linksys default 0-day, WRT54GL

• github search = passwd

• Samsung devices (exynos 4)

• OpenSSL timing attack (patch avail)
– http://www.isg.rhul.ac.uk/tls/TLStiming.pdf

• HP JetDirect again

• UPNP plug and play, scan for port 1900 now

• Fun with Facebook Graph Search

• GIAC website XSS

Page 5: PREVIOUS GNEWS

Holes / Hacking

• Anti-Facial? There are glasses for that.

• new compression / new stego?!

• White house = civic hacking

• Change your twitter passwd

• win8 for that aging mac mini

• Car blackboxes

• red october

• Air Traffic Control hackable?

• DVRs

• Flickr privacy settings

Page 6: PREVIOUS GNEWS

Corp

• Belkin buys Linksys from Cisco

• Cisco buys Cognitive Security
• Cisco to launch a new advisory format

• MEGA launch party
• MEGA cracked?
• 3rd party MEGA indexing

• Nokia retires Symbian

• Backdoors in Barracuda gear (fw, vpn, spam)

• Poland CERT takes down malware servers
• Github unblocked in China

• Google and Twitter drop Transparency Reports

• DoD offers Information Assurance Scholarship (apply by feb 4th)

Page 7: PREVIOUS GNEWS

Legal

• FBI cell phone tracking

• Anonymous calls for DoS as speech.

• TX teen appeals

• FISA Amendments Act gets 5 years

• megaupload was not entrapped

• canada denies us access to megaupload servers

• Aaron Swartz

• singapore introduces pre-crime cyber law

• canadian student expelled

• texxxan.com

• no more phone unlocky

• google / yahoo requires probable cause

• meanwhile govt strongarms twitter

• russia leaves anti-crime pact

Page 8: PREVIOUS GNEWS

Papers

• CA AG mobile privacy doc
– http://oag.ca.gov/sites/all/files/pdfs/privacy/privacy_on_the_go.pdf

• researcher security advisory writing guidelines
– http://blog.osvdb.org/2013/01/15/researcher-security-advisory-writing-guidelines

• malicious http requests
– https://www.sans.org/reading_room/whitepapers/detection/identify-malicious-http-requests_34067

• phishing
– https://www.sans.org/reading_room/whitepapers/email/phishing-detecton-remediation_34082

• watermarks / dlp
– https://www.sans.org/reading_room/whitepapers/detection/watermarks-prevent-leaks_34087

• host detect / dlp
– https://www.sans.org/reading_room/whitepapers/detection/host-based-detection-data-loss-prevention-open-source-tools_34055

• article 51
– http://resources.infosecinstitute.com/invoking-article-51-un-charter-cyber-attacks-i
– http://resources.infosecinstitute.com/invoking-article-51-of-un-charter-response-cyber-attacks-ii

• legalities of byod
– https://www.sans.org/reading_room/whitepapers/legal/legal-issues-corporate-bring-device-programs_34060

Page 9: PREVIOUS GNEWS

Papers

• mod_rewrite
– https://www.sans.org/reading_room/whitepapers/incident/web-log-analysis-defense-mod_rewrite_34107

• IDS
– https://www.sans.org/reading_room/whitepapers/detection/what-039-s-running-network_34102

• android devices
– https://www.sans.org/reading_room/whitepapers/networkdevs/monitoring-network-traffic-android-devices_34097

• ios forensics
– https://www.sans.org/reading_room/whitepapers/forensics/forensic-analysis-ios-devices_34092

• FTC guidance for mobile privacy
– http://www.ftc.gov/os/2013/02/130201mobileprivacyreport.pdf

• data privacy study
– http://www.ponemon.org/local/upload/file/2012%20MTC%20Report%20FINAL.pdf

• protection and breach guide
– https://otalliance.org/resources/incident/2013DataBreachGuide-PreRelease.pdf

• reversing / anti-reversing
– http://resources.infosecinstitute.com/unpacking-reversing-patching/
– http://resources.infosecinstitute.com/anti-debugging/

Page 10: PREVIOUS GNEWS

tools

• DMDE data recovery

• malware bytes chameleon

• annval siem

• wifi pineapple

Page 11: PREVIOUS GNEWS

WTF

• Europe wants royalties on links

• work smarter not harder (or at all)
– developer outsources his own job

• asteroids anyone?
– govt website does

• FB turns facial recognition back on

Page 12: PREVIOUS GNEWS

CON Events

DefCon Documentary

DefCon20 Slides
http://it.toolbox.com/blogs/securitymonkey/defcon-20-slides-are-up-52607

CanSecWest Pwn2Own hits 5 mil in prizes

Page 13: PREVIOUS GNEWS

All images scavenged without permission
