Previous Gnews All images scavenged without permission

Patch Tuesday Nov – 55 KB Articles with 195 unique downloads Internet Explorer Microsoft Edge Microsoft Windows Microsoft Office and Microsoft Office Services and Web Apps ASP.NET Core and .NET Core Chakra Core Sources: https://portal.msrc.microsoft.com/en-us/security-guidance https://technet.microsoft.com/en-us/security/advisories No longer working http://technet.microsoft.com/en-us/security/bulletin/ms17-may

Holes / Patches Adobe VMWare Apple APSB17-33 Flash Player (5 CVE) APSB17-34 Photoshop (2 CVE) APSB17-35 Connect (5 CVE) APSB17-36 Acrobat \ Reader (62 CVE) APSB17-37 DNG Converter (1 CVE) APSB17-38 Design (1 CVE) APSB17-39 Digital Editions (6 CVE) APSB17-40 Shockwave Player (1 CVE) APSB17-41 Experience Manager (1 CVE) VMWare VMSA-2017-0016 / AirWatch Console and Launcher for Android (2 CVE) VMSA-2017-0017 / vCenter Server LDAP DOS, SSRF and CRLF injection (3 CVE) Apple watchOS 4.1 iOS 11.1 macOS 10.13.1 / Security Update 2017-001 Sierra / Security Update 2017-004 El Capitan tvOS 11.1 Safari 11.0.1 iTunes 12.7.1 for Windows iCloud for Win 7.1 iOS 11.1.1 Sources: ## Oracle Patches http://www.oracle.com/technetwork/topics/security/alerts-086861.html ##Adobe Patches https://helpx.adobe.com/security.html https://helpx.adobe.com/security/products/flash-player/apsb17-33.html https://helpx.adobe.com/security/products/photoshop/apsb17-34.html https://helpx.adobe.com/security/products/connect/apsb17-35.html https://helpx.adobe.com/security/products/acrobat/apsb17-36.html https://helpx.adobe.com/security/products/dng-converter/apsb17-37.html https://helpx.adobe.com/security/products/indesign/apsb17-38.html https://helpx.adobe.com/security/products/Digital-Editions/apsb17-39.html https://helpx.adobe.com/security/products/shockwave/apsb17-40.html https://helpx.adobe.com/security/products/experience-manager/apsb17-41.html ##Apple patches http://support.apple.com/kb/HT1222 ##Cisco patches http://tools.cisco.com/security/center/home.x http://tools.cisco.com/security/center/viewAllSearch.x?currentPage=&sortType=d&recordsPerPage=100&searchkey=&filter=43&pageSize=100&pageNo=1 ## VMWare http://www.vmware.com/security/advisories/ https://www.vmware.com/security/advisories/VMSA-2017-0016.html https://www.vmware.com/security/advisories/VMSA-2017-0017.html ## Android https://source.android.com/security/bulletin/index.html https://source.android.com/security/bulletin/2017-07-01

Holes / Patches MS Office bypass feature flash0-day 250 oracle Critical PS ROCA TPM flaw SkyLake MPX Flaw (memory protection extension) Splunk Privilege escalation Oracle identity manager 0-day cisco bgp S3 update Sources: MS Office bypass feature https://threatpost.com/legacy-office-feature-used-in-novel-document-attacks/128420/ flash0-day https://threatpost.com/adobe-patches-flash-zero-day-exploited-by-black-oasis-apt/128467/ 250 oracle https://threatpost.com/oracle-patches-250-bugs-in-quarterly-critical-patch-update/128484/ Critical PS https://threatpost.com/critical-code-execution-flaw-patched-in-peoplesoft-core-engine/128510/ ROCA TPM flaw https://securityledger.com/2017/10/crypto-flaw-roca-wide-impact-internet-things/ SkyLake MPX Flaw (memory protection extenaion) https://threatpost.com/boundhook-attack-exploits-intel-skylake-mpx-feature/128517/ Splunk Privelge escalation https://www.splunk.com/view/SP-CAAAP3M Oracle identity manager 0-day https://threatpost.com/emergency-oracle-patch-closes-bug-rated-10-in-severity/128698/ cisco bgp https://threatpost.com/cisco-patches-dos-flaw-in-bgp-over-ethernet-vpn-implementation/128780/ S3 update https://news.hitb.org/content/amazon-s3-security-update-tries-protect-admins-their-own-mistakes

Hacking WPA2 is toast Locky leveraging no macros BLU phones https://www.krackattacks.com/ Cisco 29 products Locky leveraging no macros BLU phones Locky Morphs again ML inception FancyBear party invite DUHK FIPS why dating apps suck MQX Hacking Sources: WPA2 is toast https://www.krackattacks.com/ Cisco 29 products https://threatpost.com/cisco-warns-69-products-impacted-by-krack/128546/ Locky leveraging no macros https://www.healthcareinfosecurity.com/locky-ransomware-spam-infects-via-microsoft-office-a-10392 BLU phones https://threatpost.com/down-the-rabbit-hole-with-a-blu-phone-infection/128390/ Locky Morphs again https://threatpost.com/locky-gets-updated-to-ykcol-part-of-rapid-fire-spam-campaigns/128412/ ML inception https://www.wired.com/story/googles-learning-software-learns-to-write-learning-software FancyBear party invite https://www.healthcareinfosecurity.com/blogs/fancy-bear-invites-dc-conference-goers-to-install-malware-p-2554 DUHK FIPS https://threatpost.com/duhk-attack-exposes-gaps-in-fips-certification/128582/ why dating apps suck https://securelist.com/dangerous-liaisons/82803/ MQX https://securityledger.com/2017/10/security-hole-mqx-operating-system-puts-internet-of-things-crosshairs/?utm_source=feedblitz&utm_medium=FeedBlitzRss&utm_campaign=thesecurityledger

Corp hyatt popped Win 10 breaks dutch law googleplay bug bounty MS bakes in anti-game cheating cvs bidding on aetna? bad rabbit epson ink tricks PCI EMV 3D standards APNIC dumps password hashes Slack SAML bug Secure drop bug google to drop public key pinngin in chrome Sources: hyatt popped https://www.healthcareinfosecurity.com/hyatt-hotels-suffers-international-payment-card-data-breach-a-10380 Win 10 breaks dutch law https://news.hitb.org/content/dutch-privacy-regulator-says-windows-10-breaks-law googleplay bug bounty https://threatpost.com/google-play-bounty-promises-1000-rewards-for-flaws-in-popular-apps/128542/ MS bakes in anti-game cheating https://news.hitb.org/content/windows-now-includes-gaming-cheat-detection-system-level cvs bidding on aetna? http://money.cnn.com/2017/10/26/investing/aetna-cvs-merger/index.html bad rabbit https://researchcenter.paloaltonetworks.com/2017/10/threat-brief-information-bad-rabbit-ransomware-attacks/ epson ink tricks https://www.eff.org/deeplinks/2017/10/epson-using-its-ebay-trusted-status-make-competing-ink-sellers-vanish PCI EMV 3D standards https://www.pcisecuritystandards.org/pdfs/New_PCI_Security_Standards_And_Program_To_Support_Adoption_of_EMV_3DS.pdf APNIC dumps password hashes https://threatpost.com/whois-maintainer-accidentally-makes-password-hashes-available-for-download/128586/ Slack SAML bug https://threatpost.com/slack-plugs-severe-saml-user-authentication-hole/128655/ Secure drop bug https://theintercept.com/2017/10/24/why-we-reinstalled-securedrop/ google to drop public key pinngin in chrome https://threatpost.com/google-to-ditch-public-key-pinning-in-chrome/128679/ Corp

Corp Protecting data at teh border act Austrailia and f35 leak ADministration to force DMARC and STARTTLS AI folks want to end govt blackboxes Canada's "nsa" drops open-source tool USA Rights Act (section 702 oversight) Florida upholds pre-1972 recordings law google vs equustek TX national guard dirt boxes Sources: Protecting data at teh border act https://www.eff.org/deeplinks/2017/10/pass-protecting-data-border-act Austrailia and f35 leak https://news.hitb.org/content/australian-defense-firm-was-hacked-and-f-35-data-stolen-dod-confirms http://www.securityweek.com/dhs-orders-federal-agencies-use-dmarc-https ADministration to force DMARC and STARTTLS AI folks want to end govt blackboxes https://www.wired.com/story/ai-experts-want-to-end-black-box-algorithms-in-government Canada's "nsa" drops open-source tool https://news.hitb.org/content/canadas-super-secret-spy-agency-releasing-malware-fighting-tool-public USA Rights Act (section 702 oversight) https://www.eff.org/deeplinks/2017/10/usa-rights-act-protects-us-nsa-spying Florida upholds pre-1972 recordings law https://www.eff.org/deeplinks/2017/10/win-music-listeners-florida-no-performance-right-pre-1972-recordings google vs equustek https://www.eff.org/deeplinks/2017/11/us-federal-court-rejects-global-search-order TX national guard dirt boxes https://www.texasobserver.org/texas-national-guard-spying-devices-surveillance/ Corp

Papers EU-US privacy shield report More unredacted JFK docs https://www.huntonprivacyblog.com/2017/10/18/eu-commission-releases-report-on-first-annual-review-of-the-eu-u-s-privacy-shield-framework/ More unredacted JFK docs https://www.archives.gov/research/jfk/2017-release https://theintercept.com/2017/10/25/jfk-assassination-files-nsa-cuba/ highly secure win10 https://docs.microsoft.com/en-us/windows-hardware/design/device-experiences/oem-highly-secure Papers Sources: EU-US privacy shield report https://www.huntonprivacyblog.com/2017/10/18/eu-commission-releases-report-on-first-annual-review-of-the-eu-u-s-privacy-shield-framework/ More unredacted JFK docs https://www.archives.gov/research/jfk/2017-release https://theintercept.com/2017/10/25/jfk-assassination-files-nsa-cuba/ highly secure win10 https://docs.microsoft.com/en-us/windows-hardware/design/device-experiences/oem-highly-secure

WTF Fahrenheit 451 MS / Google jibjab Amazon Key Fed try to bust guy for possession of data obtained via foia bjork, cryptocurrency giveaway bulbasaur daily stormer now hosted out of anguilla WTF Sources: Fahrenheit 451 https://sploid.gizmodo.com/this-special-edition-of-fahrenheit-451-can-only-be-read-1819648949 MS / Google jibjab https://www.computing.co.uk/ctg/news/3019527/microsoft-whacks-google-with-responsibly-disclosed-remote-code-execution-flaw-in-chrome Amazon Key https://risnews.com/see-how-amazon-key-works-ultimate-home-fulfillment Fed try to bust guy for possession of data obtained via foia https://www.techdirt.com/articles/20171029/20343738510/declassified-docs-show-nsa-trying-to-prosecute-journalist-his-successful-foia-requests.shtml bjork, cryptocurrency giveaway https://gizmodo.com/bjorks-reportedly-giving-away-cryptocurrency-with-her-n-1820116252 bulbasaur http://www.clickhole.com/article/5-ways-get-other-masked-orgy-participants-accept-b-6846 daily stormer now hosted out of anguilla https://theintercept.com/2017/10/27/daily-stormer-anguilla-web-domain/

Tools SQLiv Python SQLi dorking Sources: SQLiv - Python SQLi dorking https://www.darknet.org.uk/2017/10/sqliv-sql-injection-dork-scanning-tool/?utm_source=rss&utm_medium=social&utm_campaign=darknetfeed

Where DHA @Dallas_Hackers TX2600 @dallas2600 The Lab.MS @TheLab_ms ( 1st Wednesday / Family Karaoke, Dallas ) TX2600 @dallas2600 ( 1st Fri / Wild Turkey 35&WalnutHill, Dallas ) The Lab.MS @TheLab_ms ( 2nd Saturday + random events / TheLab.ms, Plano ) ISSA Fort Worth @ISSAFortWorth ( 2nd Tuesday / location varies ) Hack Ft Worth @Hack_FtW ( 3rd-ish Tuesday / Buffalo West, Fort Worth) OWASP Dallas @OWASPDallas ( 3rd Tuesday / location varies ) Crypto Party DFW @CryptoPartyDFW ( 3rd Thursday / TheLab.ms, Plano ) North Texas Cyber Security Group @ntxcsg ( Last Thursday, Jakes, Frisco ) Dallas MakerSpace @dallasmakers ( Random events / Carrollton ) Sources: https://www.google.com/calendar/embed?src=c4ervam9s3ep79dtdjd1k9kgbk%40group.calendar.google.com&ctz=America/Chicago Where

Sources: All images scavenged without permission