All images scavenged without permission
Patch Tuesday Nov – 55 KB Articles with 195 unique downloads
- Internet Explorer
- Microsoft Edge
- Microsoft Windows
- Microsoft Office and Microsoft Office Services and Web Apps
- ASP.NET Core and .NET Core
- Chakra Core

Sources:
- https://portal.msrc.microsoft.com/en-us/security-guidance
- https://technet.microsoft.com/en-us/security/advisories
- No longer working: http://technet.microsoft.com/en-us/security/bulletin/ms17-may

Patch Tuesday Dec – 24 KB Articles with 156 unique downloads
- Internet Explorer
- Microsoft Edge
- Microsoft Windows
- Microsoft Office and Microsoft Office Services and Web Apps
- Microsoft Exchange Server
- ChakraCore
- Microsoft Malware Protection Engine

Sources:
- https://portal.msrc.microsoft.com/en-us/security-guidance
- https://technet.microsoft.com/en-us/security/advisories
- No longer working: http://technet.microsoft.com/en-us/security/bulletin/ms17-may

Holes / Patches

Oracle
- Out-Of-Band Tuxedo patch
- Regular Patches due out 16 Jan

Adobe
- APSB17-42 Flash Player (1 CVE)

VMWare
- VMSA-2017-0018.1 (6 CVE) Workstation, Fusion, Horizon View (multi)
- VMSA-2017-0019 (1 CVE) NSX for vSphere (xss)

Apple
- iOS 11.1.2 / 11.2
- Security Update 2017-001
- tvOS 11.2
- watchOS 4.2
- Safari 11.0.2
- macOS High Sierra 10.13.2, Security Update 2017-002 Sierra, and Security Update 2017-005 El Capitan
- iTunes 12.7.2 for Windows
- AirPort Base Station 7.69 / 7.7.9
- Mac passwordless root account ships enabled

Sources:

## Oracle Patches
http://www.oracle.com/technetwork/topics/security/alerts-086861.html
oracle tuxedo
http://www.theregister.co.uk/2017/11/16/oracle_peoplesoft_tuxedo_security_vulnerabilities/

## Adobe Patches
https://helpx.adobe.com/security.html
https://helpx.adobe.com/security/products/flash-player/apsb17-42.html

## Apple patches
http://support.apple.com/kb/HT1222
Mac passwordless root account ships enabled
https://www.wired.com/story/macos-high-sierra-hack-root/

## Cisco patches
http://tools.cisco.com/security/center/home.x
http://tools.cisco.com/security/center/viewAllSearch.x?currentPage=&sortType=d&recordsPerPage=100&searchkey=&filter=43&pageSize=100&pageNo=1

## VMWare
http://www.vmware.com/security/advisories/
https://www.vmware.com/security/advisories/VMSA-2017-0018.html
https://www.vmware.com/security/advisories/VMSA-2017-0019.html

## Android
https://source.android.com/security/bulletin/index.html
https://source.android.com/security/bulletin/2017-07-01

Holes / Patches
- MS guidance on DDE disablement
- Linux 4.14 kernel
- Cisco Voice issues
- Eavesdropper / Twilio REST API / SDK
- More chip fixes
  - ME 11.x, SPS 4.0, and TXE 3.0

Sources:
- MS guidance on DDE disablement
  https://technet.microsoft.com/en-us/library/security/4053440
- Linux 4.14 kernel
- Cisco Voice issues
  https://threatpost.com/cisco-warns-of-critical-flaw-in-voice-os-based-products/128913/
  https://threatpost.com/oracle-issues-emergency-patches-for-joltandbleed-vulnerabilities/128922/
- Eavesdropper / Twilio REST API / SDK
  https://www.appthority.com/mobile-threat-center/blog/eavesdropper-mobile-vulnerability-exposing-millions-conversations/
- More chip fixes
  https://security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00086&languageid=en-fr

Hacking
- Intel's CPU management controller has been hacked. Any computer can be owned from USB invisible to the OS
- malware leveraging AutoIt (again)
- phone charging with ambient light
- FaceID busted
- OnePlus root
- disable Amazon Key cam
- pfSense command injection
- ASLR broken?
- HP printers
- Echo / Home voice data?
- saml ticket?
- key logger on HP laptops
- all the hacked passwords

Sources:
- Intel's CPU management controller has been hacked. Any computer can be owned from USB invisible to the OS
  https://twitter.com/h0t_max/status/928269320064450560
- malware leveraging AutoIt (again)
  https://threatpost.com/autoit-scripting-used-by-overlay-malware-to-bypass-av-detection/128845/
- phone charging with ambient light
  https://futurism.com/printable-solar-cells-charge-smartphone/
- FaceID busted
  https://www.wired.com/story/hackers-say-broke-face-id-security/
- oneplus root
  http://www.androidpolice.com/2017/11/13/oneplus-left-backdoor-devices-capable-root-access/
- disable Amazon Key cam
  https://www.wired.com/story/amazon-key-flaw-let-deliverymen-disable-your-camera/
- pfSense
  https://www.trustedsec.com/2017/11/full-disclosure-authenticated-command-execution-vulnerability-pfsense/
- ASLR broken?
  https://threatpost.com/us-cert-warns-of-aslr-implementation-flaw-in-windows/128948/
- HP printers
  https://threatpost.com/hp-to-patch-bug-impacting-50-enterprise-printer-models/128984/
- Echo / Home voice data?
  https://www.wired.com/story/amazon-echo-and-google-home-voice-data-delete/
- saml ticket?
  https://threatpost.com/saml-post-intrusion-attack-mirrors-golden-ticket/128993/
- key logger on hp laptops
  http://www.bbc.com/news/technology-42309371
  https://www.cnet.com/how-to/how-to-remove-the-keylogger-from-your-hp-laptop/
- all the hacked passwords
  https://www.forbes.com/sites/leemathews/2017/12/11/billion-hacked-passwords-dark-web/#46b5b55f21f2

Corp
- forever 21 popped
- imgur popped
- NCF S3 Bucket
- paypal tio breach
- uber hides hack for 1yr+
- Google android location data
- Site trackers
- FB Messenger Kids
- pepsico + russia = better milk
- MS IOT Chip
- apple acquires shazam

Sources:
- forever 21 popped
  https://risnews.com/forever-21-has-been-hacked-customer-data-stolen
- imgur popped
  https://hotforsecurity.bitdefender.com/blog/1-7-million-affected-in-2014-imgur-data-breach-19270.html
- NCF S3 Bucket
  https://www.computing.co.uk/ctg/news/3022270/more-american-financial-data-leaks-from-unsecured-s3-bucket
- paypal tio breach
  https://news.hitb.org/content/paypals-tio-data-breach-16-million-customers-personal-details-stolen-hackers
- uber hides hack for 1yr+
  https://www.bloomberg.com/news/articles/2017-11-21/uber-concealed-cyberattack-that-exposed-57-million-people-s-data
- Google android location data
  https://qz.com/1131515/google-collects-android-users-locations-even-when-location-services-are-disabled/
- Site trackers
  https://www.wired.com/story/the-dark-side-of-replay-sessions-that-record-your-every-move-online/
- messenger kids
  https://www.wired.com/story/facebook-for-6-year-olds-welcome-to-messenger-kids/
- pepsico + russia = better milk
  https://www.forbes.com/sites/thomasbrewster/2017/12/05/pepsico-in-russian-hacking-cyber-espionage-allegations/#693f718d2214
- MS IOT Chip
  https://securityledger.com/2017/12/microsoft-working-secure-processor-internet-things-wired/
- apple acquires shazam
  https://arstechnica.com/gadgets/2017/12/apple-has-acquired-shazam/

Govt
- FCC net neutrality
- Bots break FCC and Net Neutrality comments
- TSA to use fingerprint for id verification, wants facial biometrics
- 9th Circuit removed anonymity ‘US vs Glassdoor’
- 6th Circuit, upheld anonymity ‘Signature Management Team LLC vs John Doe’
- Patent vs GDPR
- new robocaller rules
- oops contractor botches aws account
- another mil S3 bucket, this one not so benign
- ICQ self dox / Ar3s = Sergey Jaretz

Sources:
- FCC net neutrality
  https://www.huntonprivacyblog.com/2017/12/06/fcc-releases-plan-repeal-net-neutrality-rules/
- TSA to use fingerprint for id verification, wants facial biometrics
  https://www.eff.org/deeplinks/2017/11/tsa-plans-use-face-recognition-track-americans-through-airports
- 9th circuit ruling on glassdoor
  https://www.eff.org/deeplinks/2017/11/appeals-courts-disturbing-ruling-jeopardizes-protections-anonymous-speakers
- patent vs gdpr
  https://www.huntonprivacyblog.com/2017/11/15/german-privacy-laws-intersect-discovery-patent-case/
- new robocaller rules
  https://www.wired.com/story/robocall-getting-worse-but-help-is-here/
- oops contractor botches aws account
  https://arstechnica.com/information-technology/2017/11/vast-archive-from-pentagon-intel-gathering-operation-left-open-on-amazon/
- another S3 bucket, this one not so benign
  https://threatpost.com/leaky-aws-storage-bucket-spills-military-secrets-again/129021/
- Bots break fcc and net neutrality
  https://news.hitb.org/content/how-bots-broke-fccs-public-comment-system
- speaker anonymity upheld
  https://www.eff.org/deeplinks/2017/12/court-recognizes-first-amendment-right-anonymity-even-after-speakers-lose-lawsuits
- ICQ self dox
  https://news.hitb.org/content/mastermind-behind-sophisticated-massive-botnet-outs-himself

Papers
- Google password report
- FB Privacy Settings
- EFF SEC (security education companion)
- powershell for audit, alerting, remediation
- Data mining in the dark
- Mr. HIBP goes to washington
- harvard campaign security playbook

Sources:
- Google password report
  https://static.googleusercontent.com/media/research.google.com/en//pubs/archive/46437.pdf
- FB Privacy Settings
  https://www.wired.com/story/how-to-lock-down-facebook-privacy-settings/
- EFF SEC
  https://sec.eff.org/
- powershell for audit
  https://www.sans.org/reading-room/whitepapers/assurance/supplementing-windows-audit-alerting-remediation-powershell-38140
- darkweb
  https://www.sans.org/reading-room/whitepapers/threatintelligence/data-mining-dark-darknet-intelligence-automation-38175
- Mr. HIBP goes to washington
  https://www.troyhunt.com/im-testifying-in-front-of-congress-in-washington-dc-about-data-breaches-what-should-i-say/
- harvard campaign security playbook
  https://www.belfercenter.org/sites/default/files/files/publication/Playbook%201.3.pdf

Papers
- WebBrowser Security?
- malware email address analysis
- smartphone sec 101
- bug sweeping

Sources:
- WebBrowser Security?
  http://resources.infosecinstitute.com/best-practices-web-browser-security/
- malware email address analysis
  https://www.scmagazine.com/an-analysis-of-3000-malware-email-addresses/article/710024/
- smartphone sec 101
  https://www.wired.com/story/smartphone-security-101/
- bug sweeping
  https://www.wired.com/story/how-to-sweep-for-bugs/

WTF
- WikiLeaks

Sources:
- fuk wikileaks
  https://theintercept.com/2017/11/15/wikileaks-julian-assange-donald-trump-jr-hillary-clinton/

Tools
- SNIFFlab - Python for MITM environment
- RDPY - Python for RDP hacking
- txt.fyi - Blog plugin to break links
- Depth1 - ctf walkthrough
- tenta - https://tenta.com/ DNS over TLS
- mailsploit - Mail spoofing
- Cr3dOv3r - Credential reuse tool
- blackhat arsenal

Sources:
- snifflab
  https://www.darknet.org.uk/2017/11/snifflab-create-mitm-test-environment/
- rdpy - rdp hacking
  https://www.darknet.org.uk/2017/11/rdpy-rdp-security-tool-hacking-remote-desktop-protocol/
- txt.fyi - antiviral
  https://www.wired.com/story/this-stripped-down-blogging-tool-exemplifies-antisocial-media/
- Depth1 - ctf walkthrough
  http://resources.infosecinstitute.com/depth-1-ctf-walkthrough/
- tenta - https://tenta.com/ DNS over TLS
  https://news.hitb.org/content/new-web-browsing-security-tool-arrives-dns-over-tls
- mailsploit
  https://www.wired.com/story/mailsploit-lets-hackers-forge-perfect-email-spoofs/
- Cr3dOv3r - cred reuse tool
  https://www.darknet.org.uk/2017/12/cr3dov3r-credential-reuse-attack-tool/?utm_source=rss&utm_medium=social&utm_campaign=darknetfeed
- blackhat arsenal
  http://www.toolswatch.org/2017/12/black-hat-arsenal-top-10-security-tools-as-voted-by-the-audience/

Future Cons
- Shmoo Con - 19-21 Jan DC
- CyberUSA Conference 2018 - Jan 29-30 San Antonio
- InfoSec SouthWest - Apr 11-13 Austin

Sources:
- https://infosec-conferences.com/events-in-2018/
- http://www.securitybsides.com/w/page/12194156/FrontPage

Where
- DHA @Dallas_Hackers ( 1st Wednesday / Family Karaoke, Dallas )
- TX2600 @dallas2600 ( 1st Fri / Wild Turkey 35&WalnutHill, Dallas )
- The Lab.MS @TheLab_ms ( 2nd Saturday + random events / TheLab.ms, Plano )
- ISSA Fort Worth @ISSAFortWorth ( 2nd Tuesday / location varies )
- ?? Fort Worth Crypto Party ?? ( 2nd Tuesday ? / The Maker Spot, N. Richland Hills )
- Hack Ft Worth @Hack_FtW ( 3rd-ish Tuesday / Buffalo West, Fort Worth )
- OWASP Dallas @OWASPDallas ( 3rd Tuesday / location varies )
- Crypto Party DFW @CryptoPartyDFW ( 3rd Thursday / TheLab.ms, Plano )
- North Texas Cyber Security Group @ntxcsg ( Last Thursday, Jakes, Frisco )
- Dallas MakerSpace @dallasmakers ( Random events / Carrollton )

Sources:
- https://www.google.com/calendar/embed?src=c4ervam9s3ep79dtdjd1k9kgbk%40group.calendar.google.com&ctz=America/Chicago
