PREVIOUS GNEWS. 7 Patches – x bugs addressed Affecting Word, Outlook, Publisher, Jet DB Engine, IE, Windows Other updates, MSRT, Defender Definitions,

Slides:

Advertisements

Similar presentations

Network Security Attack Analysis. cs490ns - cotter2 Outline Types of Attacks Vulnerabilities Exploited Network Attack Phases Attack Detection Tools.

Advertisements

Net security - budi rahardjo Overview of Network Security Budi Rahardjo CISCO seminar 13 March 2002.

PREVIOUS GNEWS. ? Patches – ? Critical – ? CVEs Affected – ? Other updates, MSRT, Defender Definitions, Junk Mail Filter –MS NEXT WEEK FOOL Patch.

PREVIOUS GNEWS "This is Gary Gnu... and the no gnews is good gnews show. The ONLY tv gnews show guar-an-TEED-- to contain NO gnews what-so-ever."

PREVIOUS GNEWS. ? Patches – ? Critical – ? CVEs Affected – ? Other updates, MSRT, Defender Definitions, Junk Mail Filter Patch Tuesday.

PREVIOUS GNEWS. 7 Patches – 3 Critical – 23 CVEs Affected – RDP, IE, Lync, Windows Other updates, MSRT, Defender Definitions, Junk Mail Filter –MS

PREVIOUS GNEWS. 11 Patches – 5 Critical Affecting most everything Other updates, MSRT, Defender Definitions, Junk Mail Filter –MS IE, Remote Execution.

. 15 Patches / 32 Vulns – 9 Critical Affecting most everything Other updates, MSRT, Defender Definitions, Junk Mail Filter –MS Windows.

PREVIOUS GNEWS. 13 Patches – 5 Critical Affecting Windows (pretty much all of them) Other updates, MSRT, Defender Definitions, Junk Mail Filter –MS

3 Patches – x bugs addressed Affecting Kernel, SChannel, DNS/WINS Other updates, MSRT, Defender Definitions, Junk Mail Filter 3 Security Patches - 1 Critical,

PREVIOUS GNEWS. 4 Patches – 9 bugs addressed Affecting Windows, SQL, Exchange (OWA) Other updates, MSRT, Defender Definitions, Junk Mail Filter 8 Security.

PREVIOUS GNEWS. Oct - 8 Patches – 3 Critical - 24 CVEs MS Cumulative Security Update for Internet Explorer MS NET Framework, Remote Code.

Advanced Security Center Overview Northern Illinois University.

Appliance Firewalls A Technology Review By: Brent Huston T h e B l a c k H a t B r i e f i n g s July 7-8, 1999 Las Vegas.

PREVIOUS GNEWS. Apr 4 Patches – 2 Critical – 11 CVEs MS Microsoft Word and Office Web Apps, Remote Code MS Cumulative Security Update.

Introduction to ITS SU. What we will cover ? Why it is important to you ? Netid account Printing SUmail Public Labs SURA/VPN AirOrangeX Getting.

PREVIOUS GNEWS. 4 Patches – x bugs addressed Affecting Word, Outlook, Publisher, Jet DB Engine, IE, Windows Other updates, MSRT, Defender Definitions,

A First Course in Information Security

Computer Concepts – Illustrated 8 th edition Unit C: Computer Software.

9 Patches – 2 Critical – 12 CVEs Affected – IE, Kernel, SharePoint, Remote Desktop, AD….. Other updates, MSRT, Defender Definitions, Junk Mail Filter.

PREVIOUS GNEWS. 6 Patches – 1 Critical – 22 CVEs Affected – IE. Kernel, Print, Office MS Cumulative Security Update for Internet Explorer MS

Windows Vista Security Center Chapter 5(WV): Protecting Your Computer 9/17/20151Instructor: Shilpa Phanse.

PREVIOUS GNEWS. Patches – 1 Critical Other updates, MSRT, Defender Definitions, Junk Mail Filter –MS DNS Server, DoS –MS Kernal Mode Driver,

PREVIOUS GNEWS. 8 Patches – 10 bugs addressed Affecting Project, Visio, DNS, GDI, Scripting, Activex, IE, Windows Other updates, MSRT, Defender Definitions,

PREVIOUS GNEWS. 7 Patches – 3 Critical – 23 CVEs Affected – Other updates, MSRT, Defender Definitions, Junk Mail Filter –MS Microsoft Word, Remote.

PREVIOUS GNEWS. 4 Patches – 2 bugs addressed Affecting Windows, Windows Servers, Other updates, MSRT, Defender Definitions, Junk Mail Filter, RootCert.

PREVIOUS GNEWS. 7 Patches – 3 Critical – 20 CVEs Affected – IE, Kernel, Visio, Silverlight Sarepoint,….. Other updates, MSRT, Defender Definitions, Junk.

PREVIOUS GNEWS. 2 Patches / 3 Vulns – 1 Critical Affecting Windows XP, Vista, 7, 2003, 2008 Other updates, MSRT, Defender Definitions, Junk Mail Filter.

PREVIOUS GNEWS. 4 Patches – 12 bugs addressed Affecting Office, Visual Studio, BizTalk Other updates, MSRT, Defender Definitions, Junk Mail Filter 4 Security.

Previous Gnews. 13 Patches – 8 Critical, Affects pretty much everything Other updates, MSRT, Defender Definitions, Junk Mail Filter –MS SMBv2.

PREVIOUS GNEWS. 7 Patches – 11 bugs addressed Affecting Windows, Windows Servers, Vista, Media Player, DirectX, Macrovision (DRM) Other updates, MSRT,

PREVIOUS GNEWS. July - 6 Patches – 2 Critical - 27 CVEs MS Cumulative Security Update for IE, Remote Code MS – Windows Journal, Remote Code.

PREVIOUS GNEWS. 8 Patches – 3 Critical – 19+ CVEs Affected – GDI, Hyper-V, Outlook, Office, IE, Activex, and more MS Cumulative Security Update.

PREVIOUS GNEWS. 7 Patches – 1 Critical Affecting server builds and powerpoint Other updates, MSRT, Defender Definitions, Junk Mail Filter –MS Windows.

PREVIOUS GNEWS. 6 Patches – 4 Critical – 19 CVEs Affected – Kernel, SQL, Kerberos, Word, HTML, SharePoint Other updates, MSRT, Defender Definitions, Junk.

P  e  i  Gne . 6 Patches, 12 bugs – 3 Critical, Affects Windows, Office Other updates, MSRT, Defender Definitions, Junk Mail Filter –MS

PREVIOUS GNEWS. 6 Patches – 4 Critical – 11 CVEs Affected – SQL, Visual Basic, Visual Foxpro, more… Other updates, MSRT, Defender Definitions, Junk Mail.

PREVIOUS GNEWS. Oct - ? Patches – ? Critical - ? CVEs Come Back Next Week Other updates, MSRT, Defender Definitions, Junk Mail Filter Patch Tuesday.

UNIT 3 SEMINAR Unit 3 Chapter 3 in CompTIA Security + Course Name – IT Introduction to Network Security Instructor – Jan McDanolds, MS Contact Information:

PREVIOUS GNEWS. 4 Patches – x bugs addressed Affecting Windows, SQL, Office, Visual Studio,.Net Other updates, MSRT, Defender Definitions, Junk Mail Filter.

. 6 Patches, 15 bug – 3 Critical, Affects 2000, XP, Srv 2003 / 8, Vista, Office Other updates, MSRT, Defender Definitions, Junk Mail Filter.

PREVIOUS GNEWS. Advanced Notification on Thursday Patch Tuesday.

. Next Week Yo! Patch Tuesday Java Multiple advisories and updates Openssl DoS in ASN1_STRING_print_ex() cisco ios DoS in Cisco Tunneling.

PREVIOUS GNEWS. –MS Microsoft XML Core Services, Remote Execution –MS Cumulative Security Update for Internet Explorer –MS Microsoft.

PREVIOUS GNEWS. Jan 4 Patches – 0 Critical – 6 CVEs 9 Patches – 4 Critical – 31+ CVEs MS Microsoft XML Core Services, Info Disclosure MS

PREVIOUS GNEWS. 7 Patches – 6 Critical – 35 CVEs Affected –.NET, GDI+, IE, Defender, DirectShow MS NET Framework and Silverlight, Remote Code.

PREVIOUS GNEWS. try again next week Patch Tuesday.

PREVIOUS GNEWS. 16 Patches / 49 Vulns – 4 Critical Affecting most everything Other updates, MSRT, Defender Definitions, Junk Mail Filter –MS Cumulative.

Previous Gnews. 5 Patches – x bugs addressed Other updates, MSRT, Defender Definitions, Junk Mail Filter 5 Security Patches - 5 Critical –MS – JScript.

PREVIOU S GNEWS. May 7 Patches – 2 Critical - 70 CVEs MS Remote Desktop, Allow Tampering MS TCP Protocol, DoS MS Microsoft Lync.

PREVIOUS GNEWS A Hacker is You!. 1 Patches – 1 bugs addressed Affecting Windows (pretty much all of them) Other updates, MSRT, Defender Definitions, Junk.

PREVIOUS GNEWS. 4 Patches / 5 Vulns – 3 Critical Affecting Winodow (all of them), Office, IE, SharePoint,.net Other updates, MSRT, Defender Definitions,

PREVIOUS GNEWS. Aug - 4 Patches – 1 Critical - 42 CVEs MS – IE Cumulative Security Update, Remote Code MS –.NET Framework, DoS MS –

PREVIOUS GNEWS. 2 Patches – 2 Important Affecting Windows Movie Maker, Office Other updates, MSRT, Defender Definitions, Junk Mail Filter –MS –

PREVIOUS GNEWS. 2 Patches – 2 Critical Affecting VB and Mail Other updates, MSRT, Defender Definitions, Junk Mail Filter –MS – Visual Basic for.

PREVIOUS GNEWS. 3 Patches – 4 Critical – 53+ CVEs Affected – Kernel, AD, SharePoint, Office, and more MS Microsoft SharePoint Server, Remote Code.

Skill Area 214 Introduce World wide web(www)

Previous Gnews. Patch Tuesday April – 8 Patches (5 high/critical), Windows, Excel, ISA, IE, HTTP Services MS thru MS May – 1 Patch (critical)

PREVIOUS GNEWS. 2 Patches – bugs addressed Affecting Windows (all versions) Other updates, MSRT, Defender Definitions, Junk Mail Filter Patch Tuesday.

PREVIOU S GNEWS. May 9 Patches – 3 Critical - 1 out of band – 14 CVEs MS Security Update for Internet Explorer MS SharePoint Server, Remote.

Previous Gnews. Other updates, MSRT, Defender Definitions, Junk Mail Filter 10 Security Patches - 6 Critical, 3 Important, 1 Moderate –MS Active.

PREVIOUS GNEWS. Aug - 9 Patches – 1 Critical - 37 CVEs MS Windows Media Center, Remote Code MS – SQL Server, Privilege Escalation MS

PREVIOUSLY GNEWS. Patch Tuesday Aug - 13 Patches – 6 Critical - 57 CVEs MS Cumulative Security Update for IE (Aug Out of Band) MS Cumulative.

Previous Gnews. Other updates, MSRT, Defender Definitions, Junk Mail Filter Out of Band Patchs –MS – IE Cumulative Security Update / Activex –MS

Vulnerabilities in Operating Systems Michael Gaydeski COSC December 2008.

PREVIOUS GNEWS. 8 Patches – 6 Critical – 19+ CVEs Affected – Kernel, AD, Exchange, Unicode, ICMP MS Security Update for Internet Explorer, Remote.

All images scavenged without permission

All images scavenged without permission

All images scavenged without permission

All images scavenged without permission

Presentation transcript:

PREVIOUS GNEWS

7 Patches – x bugs addressed Affecting Word, Outlook, Publisher, Jet DB Engine, IE, Windows Other updates, MSRT, Defender Definitions, Junk Mail Filter 8 Security Patches - 5 Critical, 1 Moderate –MS – Bluetooth Stack - Remote Code Execution –MS – IE Cumulative Security Update –MS – ActiveX Kill Bits Cumulative Security Update –MS – DirectX - Remote Code Execution –MS – WINS - Elevation of Privilege –MS – Active Directory - Denial of Service –MS –Pragmatic General Multicast (PGM) - Denial of Service –re-released MS and MS with a detection only change

Holes / Patches Apple Apple QuickTime 7.5 Apple Safari on Windows Apple iCal Apple iPhone 2 snort ip fragment reassembly / ttl evasion openssl tls vulns, server_name set to 0x00 in handshake Samba, boundary error in "receive_smb_raw()" Adobe Flash 9 0-day OpenOffice, integer overflow in "rtl_allocateMemory()" Sun Java Active Server Pages, Multiple Vulns

Hacking Sample Code in RFC 3414 (snmp) contains overflow rustock.c, russian rootkit, undetected record of 1.5 years Cisco Router Rootkit? Sebastian Muniz - EuSecWest New JavaScript engine, Squirrelfish OSWA – Organizational Wireless System Auditor, Live CD

Corp. Hell L-1 Identity Solutions Inc. to produce RFID Passport Card Todd Davis gets sued Comcast invests in GridNetworks (a P2P start-up) Comcast web and hacked, Defiant and EBK Dave & Busters, Packet sniifers on PoS terminals Barracuda offers buyout of SourceFire, SF rejects Nvidia enters mobile processor market Tumbleweed bought by Sopra Group (french) Canada charges Facebook with privacy infringement Explosion at ‘The Planet’ houston data center

Papers Apple Security Guide for OS X 1.5 Leopard NIST IT Security Configuration Scoring (call for input)

Film / Music NBC turns on “Broadcast Flag” Staples to sell $5 flexplay divx DVDs

WTF UK calls for a total phone usage database Launch of Google Health California man makes $50k opening accounts, arrested TSA ID rule change, refuse id check, get banned

MySpace suicide case, poses rocky precedence Anti-Counterfeiting Trade Agreement, ACTA –Pirate-bay Killer? GPLv3 gets more legal attention –Proprietary software / patents Legal

Ulteo Virtual Desktop, Linux virtualization on Windows blender 2.46, 3d animation rtpBreak 1.3a, rtp sniffer xprobe 2 WebKnight, mod_security for IIS Nessus 3.2.1, does not work with freebsd 6 technet opened to community contributions Snort maltego videos openssl 0.9.8h kismet R1 opera 9.5 promises built-in malware protection Axban, ActiveX Killbit tool Updates

CON Events Completed Cons –Layerone, 17 – 18 May / Pasadena CA –DallasCon 2008, TBD / Dallas, TX –AusCERT 2008, May / Gold Coast AU –EuSecWest, 28 May – London UK

CON Results EuSecWest – Hardware Flashing EuSecWest – Cisco RootKit BlackHat Preview and Webcast

CON Events Future Cons –HOPE 7, July / New York NY –USENIX 17th Security Symposium, 28 July - 1 Aug / San Jose CA –REcon 2008, 13 – 15 June / Montreal CA –Black Hat USA, Aug / Las Vegas NV –DefCon, August / Las Vegas NV –Chaos Communications Camp, TBD / Berlin

All images scavenged without permission