PREVIOUSLY GNEWS
Feb – 13 Patches – 6 Critical – 36ish CVEs MS Cumulative Security Update for IE, Remote Code MS Cumulative Security Update for Edge, Remote Code MS Microsoft Windows PDF Library, Remote Code MS Windows Journal, Remote Code MS Microsoft Windows, Remote Code MS Microsoft Office, Remote Code MS WebDav, Privilege Escalation MS Remote Desktop Display Driver, Privilege Escalation MS Windows Kernel-Mode Driver, Privilege Escalation MS NET Framework, DoS MS Active Directory Federation Services, DoS MS NPS Radius Server, DoS MS Adobe Flash Player Patch Tuesday
Adobe –248 fixes Adobe –APSB16-03 Photshop CC and Bridge CC ( 3 CVE) –APSB16-04 Flash Player ( 22 CVE) –APSB16-05 Experience Manager ( 4 CVE) –APSB16-07 Connect ( 3 CVE) Apple –iOS ( 13 CVE) –Security Update ( 9 CVE) –Safari ( 6 CVE) –tvOS ( 8 CVE) VMWare –VMSA ( 1 CVE) deserialization –VMSA ( 1 CVE) guest privilege escalation Cisco, Aironet hardcoded passwd OpenSSH, private key leak OpenSSL, X9.42 parameters linux kernel bug, keyrings reference leak (+PoC code) Holes / Patches
LastPass Phishing Campaign powershell morse code AC unit = blackout generator –unencrypted RF cut off “valve” Hacking
Cryptsy Bitcoin Exchanged robbed 13K bitcoin (5mil) Yahoo pays 10K for XSS bug Norse falls off the map Lenovo really 'shareit' with ' ' Java browswe plugin death Wendys breached Chase cardless ATMs HD Moore leaves R7 Intel Autheticate in VPro Chips FireEye buys iSight Partners St.Louis Centene loses unencrypted drives Xerox to split VirusTotal adds firmware scanning IEEE anti-malware support service Corp
FOIA Reform Bill FDA Security Guidance Notice and Stay Down –US copyright safe harbor provision (section 512) TX License Plate Readers Canada limits data sharing DOJ Job applicants posted to twitter Federal CISO Govt
DarkNet Intro Powershell Windump version-windump AWS guidance Hacking the patent system Draft Redhat Stig Draft Application Sec STIG Papers
Imperva says you need state sponsorship to run a tor exit node torflow.uncharted.software rm -rf / all the UEFI WTF !!!
Tools metabrik automate malware analysis SpiderMal passive DNS analysis with python passivetotal and maltego zcash untraceable bitcoin alternative SET 7.0
CanSecWest – Vancouver Mar B-Sides Austin Mar-Apr InfoSec Southwest – Austin 8-10 Apr B-Sides OK – 09 Apr B-Sides Nashville – 16 Apr ThotCon 0x7 – Chicago 5-6 May B-Sides San Antonio21 May Circle City Con – Indianapolis Jun SANS DFIR Summit – Austin Jun Cons
DC214 in top 5 for Contest --> what can you do to make a positive impact on the community With the relaunch of DEF CON Groups we wanted to start a new kind of initiative, but in a recognizable format: we want to bring in the new year with a competition. This is the first competition of its kind. It’s not a black badge competition but it will take a lot of work and determination to succeed - and the rewards are equally sweet. This is a year-long competition for all DEF CON groups, and we expect quality. Here’s the challenge: what can you do to make a positive impact on the community, be it globally, locally, or hacker-globally. What can your DCG do to improve… anything? We’re trying to make something better, not just point out what is broken without providing a solution. To be entered into the competition, submit a link to a 3- minute (at least!) YouTube video from your DCG as a whole describing what you’re planning on accomplishing over the year. Don’t just generally describe what you want to do - describe your time schedule, who has expertise in what, why, etc. The more detail the better. DefCon Groups
CanSecWest – Vancouver Mar B-Sides Austin Mar-Apr InfoSec Southwest – Austin 8-10 Apr B-Sides OK – 09 Apr B-Sides Nashville – 16 Apr ThotCon 0x7 – Chicago 5-6 May B-Sides San Antonio21 May Circle City Con – Indianapolis Jun SANS DFIR Summit – Austin Jun Cons
DHA ( 1 st Wednesday / Family Karaoke, dallas ) TX2600 ( 1 st Fri / Wild Turkey 35&WalnutHill, dallas ) The Lab.MS ( 2 nd Monday + random events / TheLab.ms, plano ) OWASP Dallas ( 3 rd Tuesday / location varies ) Crypto Party ( 3 rd Thursday / Improving Enterprises, addison ) NAISG replacement is coming ( 4 th Thursday, Jakes, Frisco ) Dallas MakerSpace ( Random events / carrollton )
All images scavenged without permission