
PREVIOUS GNEWS


jlombard

Presentation Transcript


  1. PREVIOUS GNEWS

  2. Patch Tuesday
     • 13 Patches – 6 Critical – 57-ish CVEs
     • Affected – IE, .NET, Kernel, TCP/IP, Exchange, …
     • Other updates, MSRT, Defender Definitions, Junk Mail Filter
     • MS13-008 – IE out of band, Remote Code
     • MS13-009 – Cumulative Update for Internet Explorer, Remote Code
     • MS13-010 – Vector Markup Language, Remote Code
     • MS13-011 – Media Decompression, Remote Code
     • MS13-012 – Microsoft Exchange Server, Remote Code
     • MS13-013 – FAST Search Server 2010 for SharePoint Parsing, Remote Code
     • MS13-014 – NFS Server, DoS
     • MS13-015 – .NET Framework, Privilege Escalation
     • MS13-016 – Windows Kernel-Mode Driver, Privilege Escalation
     • MS13-017 – Windows Kernel, Privilege Escalation
     • MS13-018 – TCP/IP, DoS
     • MS13-019 – Windows Client/Server Run-time Subsystem (CSRSS), Privilege Escalation
     • MS13-020 – OLE Automation, Remote Code Execution

  3. Holes / Patches
     • Oracle, 86 Fixes
     • Adobe
       • APSB13-03 – ColdFusion: 4 CVEs
       • APSB13-04 – Adobe Flash Player: 2 CVEs
       • APSB13-05 – Adobe Flash Player: 17 CVEs
       • APSB13-06 – Adobe Shockwave Player: 2 CVEs
     • Apple
       • iOS 6.1 (27 patches)
       • Apple TV 5.2
       • Java for OSX 10.6 Update 12
       • OSX Server v2.2.1
     • Cisco
       • NAC Appliance, XSS
       • Cisco Nexus 7000 M1-Series, DoS
       • Unity Express, multiple vulns
       • Wireless LAN Controllers, multiple vulns

  4. Holes / Hacking
     • iOS 6 jailbreak, 7mil install in 4 days
     • Juniper JUNOS DoS
     • Linksys default 0-day, WRT54GL
     • github search = passwd
     • Samsung devices (exynos 4)
     • OpenSSL timing attack (patch avail)
       • http://www.isg.rhul.ac.uk/tls/TLStiming.pdf
     • HP JetDirect again
     • UPNP plug and play, scan for port 1900 now
     • Fun with Facebook Graph Search
     • GIAC website XSS

  5. Holes / Hacking
     • Anti-Facial? There are glasses for that.
     • new compression / new stego?!
     • White house = civic hacking
     • Change your twitter passwd
     • win8 for that aging mac mini
     • Car blackboxes
     • red october
     • Air Traffic Control hackable?
     • DVRs
     • Flickr privacy settings

  6. Corp
     • Belkin buys Linksys from Cisco
     • Cisco buys Cognitive Security
     • Cisco to launch a new advisory format
     • MEGA launch party
     • MEGA cracked?
     • 3rd party MEGA indexing
     • Nokia retires Symbian
     • Backdoors in Barracuda gear (fw, vpn, spam)
     • Poland CERT takes down malware servers
     • Github unblocked in China
     • Google and Twitter drop Transparency Reports
     • DoD offers Information Assurance Scholarship (apply by feb 4th)

  7. Legal
     • FBI cell phone tracking
     • Anonymous calls for DoS as speech.
     • TX teen appeals
     • FISA Amendments Act gets 5 years
     • megaupload was not entrapped
     • canada denies US access to megaupload servers
     • Aaron Swartz
     • singapore introduces pre-crime cyber law
     • canadian student expelled
     • texxxan.com
     • no more phone unlocky
     • google / yahoo requires probable cause
     • meanwhile govt strongarms twitter
     • russia leaves anti-crime pact

  8. Papers
     • CA AG mobile privacy doc
       • http://oag.ca.gov/sites/all/files/pdfs/privacy/privacy_on_the_go.pdf
     • researcher security advisory writing guidelines
       • http://blog.osvdb.org/2013/01/15/researcher-security-advisory-writing-guidelines
     • malicious http requests
       • https://www.sans.org/reading_room/whitepapers/detection/identify-malicious-http-requests_34067
     • phishing
       • https://www.sans.org/reading_room/whitepapers/email/phishing-detecton-remediation_34082
     • watermarks / dlp
       • https://www.sans.org/reading_room/whitepapers/detection/watermarks-prevent-leaks_34087
     • host detect / dlp
       • https://www.sans.org/reading_room/whitepapers/detection/host-based-detection-data-loss-prevention-open-source-tools_34055
     • article 51
       • http://resources.infosecinstitute.com/invoking-article-51-un-charter-cyber-attacks-i
       • http://resources.infosecinstitute.com/invoking-article-51-of-un-charter-response-cyber-attacks-ii
     • legalities of byod
       • https://www.sans.org/reading_room/whitepapers/legal/legal-issues-corporate-bring-device-programs_34060

  9. Papers
     • mod_rewrite
       • https://www.sans.org/reading_room/whitepapers/incident/web-log-analysis-defense-mod_rewrite_34107
     • IDS
       • https://www.sans.org/reading_room/whitepapers/detection/what-039-s-running-network_34102
     • android devices
       • https://www.sans.org/reading_room/whitepapers/networkdevs/monitoring-network-traffic-android-devices_34097
     • ios forensics
       • https://www.sans.org/reading_room/whitepapers/forensics/forensic-analysis-ios-devices_34092
     • FTC guidance for mobile privacy
       • http://www.ftc.gov/os/2013/02/130201mobileprivacyreport.pdf
     • data privacy study
       • http://www.ponemon.org/local/upload/file/2012%20MTC%20Report%20FINAL.pdf
     • protection and breach guide
       • https://otalliance.org/resources/incident/2013DataBreachGuide-PreRelease.pdf
     • reversing / anti-reversing
       • http://resources.infosecinstitute.com/unpacking-reversing-patching/
       • http://resources.infosecinstitute.com/anti-debugging/

  10. tools
     • DMDE data recovery
     • malware bytes chameleon
     • annvalsiem
     • wifipineapple

  11. WTF
     • Europe wants royalties on links
     • work smarter not harder (or at all)
     • developer outsources his own job
     • asteroids anyone?
     • govt website does
     • FB turns facial recognition back on

  12. CON Events
     • DefCon Documentary
     • DefCon20 Slides
       • http://it.toolbox.com/blogs/securitymonkey/defcon-20-slides-are-up-52607
     • CanSecWest Pwn2Own hits 5 mil in prizes

  13. All images scavenged without permission
