PREVIOUSLY GNEWS Feb – 13 Patches – 6 Critical – 36ish CVEs MS16-009 - Cumulative Security Update for IE, Remote Code MS16-011 - Cumulative Security.


1

2 PREVIOUSLY GNEWS

3 Patch Tuesday
Feb – 13 Patches – 6 Critical – 36ish CVEs
MS16-009 - Cumulative Security Update for IE, Remote Code
MS16-011 - Cumulative Security Update for Edge, Remote Code
MS16-012 - Microsoft Windows PDF Library, Remote Code
MS16-013 - Windows Journal, Remote Code
MS16-014 - Microsoft Windows, Remote Code
MS16-015 - Microsoft Office, Remote Code
MS16-016 - WebDav, Privilege Escalation
MS16-017 - Remote Desktop Display Driver, Privilege Escalation
MS16-018 - Windows Kernel-Mode Driver, Privilege Escalation
MS16-019 - .NET Framework, DoS
MS16-020 - Active Directory Federation Services, DoS
MS16-021 - NPS Radius Server, DoS
MS16-022 - Adobe Flash Player

4 Holes / Patches
Adobe
– 248 fixes
Adobe
– APSB16-03 Photoshop CC and Bridge CC (3 CVE)
– APSB16-04 Flash Player (22 CVE)
– APSB16-05 Experience Manager (4 CVE)
– APSB16-07 Connect (3 CVE)
Apple
– iOS 9.2.1 (13 CVE)
– Security Update 2016-001 (9 CVE)
– Safari 9.0.3 (6 CVE)
– tvOS 9.1.1 (8 CVE)
VMware
– VMSA-2015-0009 (1 CVE) deserialization
– VMSA-2016-0001 (1 CVE) guest privilege escalation
Cisco, Aironet hardcoded passwd
OpenSSH, private key leak
OpenSSL, X9.42 parameters
Linux kernel bug, keyrings reference leak (+PoC code)

5 Hacking
LastPass Phishing Campaign
powershell morse code
AC unit = blackout generator
– unencrypted RF cut off “valve”

6 Corp
Cryptsy Bitcoin Exchange robbed 13K bitcoin (5mil)
Yahoo pays 10K for XSS bug
Norse falls off the map
Lenovo really 'shareit' with '12345678'
Java browser plugin death
Wendys breached
Chase cardless ATMs
HD Moore leaves R7
Intel Authenticate in VPro Chips
FireEye buys iSight Partners
St. Louis Centene loses unencrypted drives
Xerox to split
VirusTotal adds firmware scanning
IEEE anti-malware support service

7 Govt
FOIA Reform Bill
FDA Security Guidance
Notice and Stay Down
– US copyright safe harbor provision (section 512)
TX License Plate Readers
Canada limits data sharing
DOJ Job applicants posted to twitter
Federal CISO

8 Papers
DarkNet Intro http://hubpages.com/technology/A-Beginners-Guide-to-Exploring-the-Darknet
Powershell Windump https://www.sans.org/reading-room/whitepapers/incident/leverage-powershell-create-user-friendly-version-windump-36642
AWS guidance https://d0.awsstatic.com/whitepapers/architecture/AWS_Well-Architected_Framework.pdf
Hacking the patent system 2016 https://www.eff.org/document/hacking-patent-system-2016
Draft Redhat Stig http://iase.disa.mil/stigs/os/unix-linux/Pages/index.aspx
Draft Application Sec STIG http://iase.disa.mil/stigs/app-security/app-security/Pages/app-security.aspx

9 WTF !!!
Imperva says you need state sponsorship to run a tor exit node
torflow.uncharted.software
rm -rf / all the UEFI

10 Tools
metabrik http://www.metabrik.org/ automate malware analysis
SpiderMal passive DNS analysis with python passivetotal and maltego
zcash untraceable bitcoin alternative
SET 7.0

11 Cons
CanSecWest – Vancouver 16-18 Mar
B-Sides Austin - 31-1 Mar-Apr
InfoSec Southwest – Austin 8-10 Apr
B-Sides OK – 09 Apr
B-Sides Nashville – 16 Apr
ThotCon 0x7 – Chicago 5-6 May
B-Sides San Antonio – 21 May
Circle City Con – Indianapolis 10-12 Jun
SANS DFIR Summit – Austin 23-30 Jun

12 DefCon Groups
DC214 in top 5 for 2015
2016 Contest --> what can you do to make a positive impact on the community

With the relaunch of DEF CON Groups we wanted to start a new kind of initiative, but in a recognizable format: we want to bring in the new year with a competition. This is the first competition of its kind. It’s not a black badge competition but it will take a lot of work and determination to succeed - and the rewards are equally sweet. This is a year-long competition for all DEF CON groups, and we expect quality.

Here’s the challenge: what can you do to make a positive impact on the community, be it globally, locally, or hacker-globally. What can your DCG do to improve… anything? We’re trying to make something better, not just point out what is broken without providing a solution.

To be entered into the competition, submit a link to a 3-minute (at least!) YouTube video from your DCG as a whole describing what you’re planning on accomplishing over the year. Don’t just generally describe what you want to do - describe your time schedule, who has expertise in what, why, etc. The more detail the better.

14
DHA (1st Wednesday / Family Karaoke, dallas)
TX2600 (1st Fri / Wild Turkey 35&WalnutHill, dallas)
The Lab.MS (2nd Monday + random events / TheLab.ms, plano)
OWASP Dallas (3rd Tuesday / location varies)
Crypto Party (3rd Thursday / Improving Enterprises, addison)
NAISG replacement is coming (4th Thursday, Jakes, Frisco)
Dallas MakerSpace (Random events / carrollton)

15 All images scavenged without permission

