1 / 14

Previous Gnews

Stay updated with the latest cybersecurity news, including Patch Tuesday releases, Flash Player patches, and Meltdown/Spectre vulnerability fixes. Get the latest information on Microsoft, Oracle, Adobe, Apple, and more.

cathleenl
Télécharger la présentation

Previous Gnews

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Previous Gnews

  2. Patch Tuesday • Jan – 83 KB Articles with 308 unique downloads • Reports of 16 Critical / 56 fixes • Internet Explorer • Microsoft Edge • Microsoft Windows • Microsoft Office and Microsoft Office Services and Web Apps • SQL Server • ChakraCore • .NET Framework • .NET Core • ASP.NET Core • Adobe Flash

  3. Holes / Patches • VMWare • VMSA-2017-0021 ( 4 CVE ) • ESXi, vCenter, Workstation, Fusion(multi) • VMSA-2018-0001 ( 3 CVE ) • vSphere Data Protection (multi) • VMSA-2018-0002.1 ( 2 CVE ) • ESXi, Workstation, Fusion (meltdown/spectre) • VMSA-2018-0003 ( 3 CVE ) • vRealize, Worksation, Tools • VMSA-2018-0004 ( x CVE ) • vSphere, Workstation, Fusion (meltdown/spectre) • Apple • iOS 11.2.2 ( 2 CVE) • Safari 11.0.2 (again) ( 2 CVE) • macOS High Sierra 10.13.2 Supplemental Update ( 2 CVE) • Oracle • Due out 16 Jan 2018 • Adobe • APSB18-01 Flash Player ( 1 CVE)

  4. Holes / Patches • MS bundles bad password manager • Win 10 WPAD/PAC attack • Mac LPE vuln • Ubuntu 17.10 bios • Lexmark printers • Thunderbird • Meltdown / Spectre

  5. Hacking • Internet Chemotherapy --Dr Cyborkian • cyrpto currency sans blockchain • Wannacry attributed to NK • win 10 facial busted • AI whizkid • Bose / Sonos speaker take over • Intel ME • huawei 0-day code goes public • Lisa source code to be released

  6. ProofPoint Acquires CloudMark (isp / mobile) • thales buys gemalto • apple buys buildbuddy • Amazon to buy Target • QVC buys HSN • Proofpoint buys weblife (web mail protection) • verizon buys niddel • quicksilver buys billabong • Alteryx S3 • Nissan Canada Finance popped 1.13 mil • ancestry.com leak Corp

  7. Mozilla installs looking glass silently • Apple battery throttling?? • Uber it's not just for cars anymore • OKCupid launches real-name policy • Driveless car testing in AZ • WD MyCloud hardcoded creds • MS drops Kinect • WPA3? Corp

  8. Municpal Fiber being contested • Norway drops FM band • Virus ban lifted • GCHQ overdoes it • University of Michigan wins 3.6 mil for MORPHEUS • FERC to expand breach reporting rules • China adopts wechat as ID • FB deletes accounts for govt • Records privacy change • DHS popped • Cali Neutrality Bill • New border inspection rules • FTC settles child privacy case Govt

  9. s3 hardening http://resources.infosecinstitute.com/amazon-s3-buckets-hardening/ ccholarships http://resources.infosecinstitute.com/scholarships-information-security-infosec-students/ have i been hacked https://bash-prompt.net/guides/server-hacked/ Papers

  10. largest prime number found Phantom Trolleys Armed with hammers White Noise Patent WTF

  11. bye google https://spreadprivacy.com/how-to-remove-google/ sublis3r - web subdomina enumeration https://github.com/aboul3la/Sublist3r hijacker - android wifi https://github.com/chrisk44/Hijacker nmapnse https://twitter.com/bonsaiviking/status/950772687655309313 ThreatHunting.net http://www.threathunting.net/ Invoke-PSImage https://github.com/peewpw/Invoke-PSImage mobilecoin https://www.wired.com/story/mobilecoin-cryptocurrency/ RetDec Decompiler goes OpenSource https://github.com/avast-tl/retdec coWPAtty https://sourceforge.net/projects/cowpatty/ Haven https://play.google.com/store/apps/details?id=org.havenapp.main Tools

  12. Future Cons BSidesAustin8-9 Mar 2018  austin  $30 CanSecWest 14-16 Mar 2018  (passport)  vancouver  $2100 HouSecCon4 Apr 2018  houston  $65 InfoSec Southwest 11-13 Apr 2018  austin  $190 BSidesOK 13 Apr 2018 (training on 11-12)  tulsa  $FREE BSidesNash 14 Apr 2018  nashville$??? AtlSecCon26-27 Apr 2018 (passport) halifax  $160 ThotCon4-5 May 2018  chicago  $170  SOLDOUT HackMiami 18-20 May 2018  miami  $125+ CircleCity 1-3 Jun 2018  indy  $150 BSidesSATX 16 Jun 2018  san antonio  $???

  13. DHA @Dallas_Hackers ( 1st Wednesday / Family Karaoke, Dallas ) TX2600 @dallas2600 ( 1st Fri / Wild Turkey 35&WalnutHill, Dallas ) The Lab.MS @TheLab_ms ( 2nd Saturday + random events / TheLab.ms, Plano ) ISSA Fort Worth @ISSAFortWorth ( 2nd Tuesday / location varies ) Hack Ft Worth @Hack_FtW ( 3rd-ish Tuesday / Buffalo West, Fort Worth) OWASP Dallas @OWASPDallas ( 3rd Tuesday / location varies ) Crypto Party DFW @CryptoPartyDFW ( 3rd Thursday / TheLab.ms, Plano ) North Texas Cyber Security Group @ntxcsg ( Last Thursday, Jakes, Frisco ) Dallas MakerSpace @dallasmakers ( Random events / Carrollton ) Where

  14. All images scavenged without permission All images scavenged without permission

More Related