Aug/Sep News (PPT) - DC214

carpentergambrinousΑσφάλεια

3 Δεκ 2013 (πριν από 3 χρόνια και 10 μήνες)

106 εμφανίσεις

PREVIOUS GNEWS



2 Patches


0 Critical


2 CVEs


Affected












Other updates, MSRT, Defender Definitions, Junk Mail Filter


MS12
-
052
-

060



5 critical, 8 remote code execution, 26 CVEs, rdp, visio,
exchange, kernal and more


MS12
-
061

-

Visual Studio Team Foundation Server, Elevation of Privilege


MS12
-
062

-

System Center Configuration Manager, Elevation of Privilege


Patch Tuesday


Oracle out of band patch



Adobe


APSB12
-
16 Adobe Reader and Acrobat



Apple,


Apple Remote Desktop 3.6.1


Java for OSX


iTunes 10.7



Cisco


ASA CX / PRSM log DoS


Unified Presence / Jabber DoS


AnyConnect, code execution


IOS Authentication, DoS

Holes / Patches


Java now with mac updates



Norton online backup, allowed viewing other user data



Apple remote desktop, now with encryption



VMWare, opensource components update


Holes


Kill Switch found in dirt jumper kill
DDoS

tool



kaspersky

call to assist in gauss crack


Gauss the new
stuxnet



blue prize tool is already bypassed,
ropguard



Anti
-
Leaks
DDoS

on
WikiLeaks



Tilon

malware, avoids detection



Pwnium2, Google offers up 2mil in bounties



Shamoon



SANS summary of SCADA authentication issues



Crisis now for windows :P



More password foo


Hacking


Bored hackerspace digs up 25yr old Mac Easter Egg



Stripes CTF 2.0, online week long CTF



Google Chrome for iOS incognito mode, stores passwords



More SSL attacks from house of Beast



FBI colludes with BlueToad and Anonymous to brute force 22
million andriod UUIDs for iphone


Hacking


google

buys virus total



IE 10 to reject certs <1024 bit



digia

buys
qt



ios

encrypt impossible to crack (by
nsa

standards)



trap wire???



Google weights search results based on DMCA notices



Facebook app verification


FTC jumps in



IE defaults with do not track


gapping flaw
alows

bypass


Corp


New batteries reduce charge time to minutes



AMD loses 30Kbs to hackers



dell buys
sonicwall



NIST BIOS RFC



cyber war defined? (air force thinks so)



bitcoin

ponzi

totaling 56mil





Corp


bitcoinia

suit



piratebay

again



expansion of child data protection


(operator / website definitions and advertising)



location data is not private



Fed backdoors??



FB face recognition illegal in Germany



Kim can see data



TPP
-

Trans
-
Pacific Partnership Agreement Intellectual Property Chapter
(SOPA/PIPA
redux
)


sniffing
wifi

not wiretapping


Legal

Backtrack 5r3


mac
fde


java
leak finder


solarwinds


nixle


mobilescope


outlook.com


dropbox

two
factor


urlshorteners










tools

Papers


byodtoolkit

http://www.cio.gov/byod
-
toolkit.pdf


Snort install guide for freebsd

http://blog.snort.org/2012/08/snort
-
2931
-
installation
-
guide
-
for.html?utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+
Snort+%28Snort%29


dhs critical infra attacks

http://www.simplysecurity.com/2012/08/28/dhs
-
report
-
confirms
-
spike
-
in
-
critical
-
infrastructure
-
cyberattacks/

https://www.us
-
cert.gov/control_systems/pdf/ICS
-
CERT_Incident_Response_Summary_Report_09_11.pdf


UTD frankenstien

http://www.dfinews.com/news/frankenstein
-
programmers
-
test
-
cybersecurity
-
monster

https://www.usenix.org/conference/woot12/frankenstein
-
stitching
-
malware
-
benign
-
binaries


NIST patching draft

http://csrc.nist.gov/publications/drafts/800
-
40/draft
-
sp800
-
40rev3.pdf













WTF


Face deals app



Defender in Win8 molests hosts files



IAC buys about.com



Warrants, what for



secure boot flips, bans windows








CON Events

burning man Aug 27
-

sep 3

www.
burningman
.com/








defconvids

http://it.toolbox.com/blogs/securitymonkey/chiefs
-
picks
-
videos
-
from
-
blackhat
-
briefings
-
usa
-
2012
-
52774?rss=1


hacker dojo

http://news.hitb.org/content/googles
-
backyard
-
hackers
-
face
-
eviction

All images scavenged without permission

All images scavenged without permission