All images scavenged without permission


1 All images scavenged without permission

2 All images scavenged without permission
PREVIOUS GNEWS

3 Patch Tuesday Dec – 12 Patches – 6 Critical – 42 CVEs
MS Cumulative Security Update for Internet Explorer, Remote Code
MS Cumulative Security Update for Microsoft Edge, Remote Code
MS Microsoft Graphics Component, Remote Code
MS Microsoft Uniscribe, Remote Code
MS Microsoft Office, Remote Code
MS Microsoft Windows, Privilege Escalation
MS Secure Kernel Mode, Privilege Escalation
MS Windows Kernel-Mode Drivers, Privilege Escalation
MS Windows Kernel, Info Disclosure
MS Common Log File System Driver, Info Disclosure
MS Adobe Flash Player, Remote Code
MS .NET Framework, Info Disclosure
Sources:

4 Holes / Patches VMWare Adobe SHA-1 Apple Sony Camera Backdoor
APSB16-38 Animate ( 1 CVE) APSB16-39 Flash Player ( 17 CVE) APSB16-40 Experience Manager Forms ( 2 CVE) APSB16-41 DNG Converter ( 1 CVE) APSB16-42 Experience Manager ( 4 CVE) APSB16-43 InDesign ( 1 CVE) APSB16-44 ColdFusion Builder ( 1 CVE) APSB16-45 Digital Editions ( 2 CVE) APSB16-45 RoboHelp ( 1 CVE)
Apple Transporter ( 1 CVE) iOS 10.2 ( 64 CVE) tvOS ( 49 CVE) macOS Sierra ( 72 CVE) iTunes for Windows ( 23 CVE) Safari ( 24 CVE) iCloud for Windows 6.1 ( 24 CVE)
VMWare VMSA ( 1 CVE) Linux Kernel, Privilege Escalation VMSA ( 1 CVE) Workstation and Fusion, Mem Access ** VM Escape VMSA ( 1 CVE) vRealize, API deserialization VMSA ( 1 CVE) Info disclosure VMSA ( 3 CVE)
SHA-1 IE, Edge, Chrome dump SHA-1 support
Sony Camera Backdoor IPELA Engine IP Camera firmware Default passwords / Telnet / SSH
Sources: ## Oracle Patches ##Adobe Patches ##Apple patches ##Cisco patches ## VMWare VM escape chrome 56 dumps SHA-1 Edge ie11 dump SHA-1 sony camera path

5 Holes / Patches Bye-Bye MS bulletins Bye-Bye DOS O365 spoofing
PowerShell default CLI O365 spoofing MS chrome sandbox bypass Win10 Telemetry iPhone photos and contact iCloud syncs call history without consent unicorn 0-day tor 0-day Sources: Bye-Bye MS bulletins MS makes PowerShell default CLI O365 spoofing MS chrome sandbox bypass win10 telemetry iphone photos and contact icloud syncs call history without consent unicorn 0-day tor 0-day

6 Hacking Fort Worth kids loot fifa BlackNurse, DoS attack
PoC Hue IoT worm shazam always on mic (Mac) poison tap NTP exploit code exfil creds via ssid droidplugin abuse avalanche botnet sinkholed new malware uses referrals for keys Hacking Sources: fw kids loot fifa blacknurse PoC Hue IoT worm shazam always on poison tap NTP exploit code exfil creds via ssid droidplugin abuse avalanche botnet sinkholed new malware uses referrals for keys

7 Corp oracle buys dyn symantec buys lifelock Vantiv acquires Moneris
KKR buys optiv Amex buys InAuth NC4 picks up soltra edge citi pay digital wallet apple pay now allows use for non-profits amazon hits counterfeiters MS cloud FPGAs FB black password market cloud security alliance iot guidance SpaceX satellite internet Sources: oracle buys dyn symantec buys lifelock Vantiv acquires Moneris KKR buys optiv Amex buys InAuth NC4 picks up soltra edge citi pay apple pay now allows use for non-profits amazon hits counterfeiters MS cloud FPGAs FB black password market cloud security alliance iot guidance SpaceX satellite internet Corp

8 Corp qualcomm bugbounty firmware updates in android openvpn audit
tor phone? Siemens priv escalation Siemens camera creds tesco update, NFC was used uber data leak AFF breached Russian central bank hacked, $31Mil daily motion password dump, 87 mil Sources: qualcomm bugbounty firmware updates in android openvpn audit tor phone? Siemens priv escalation Siemens camera creds tesco update, NFC was used uber data leak AFF breached Russian central bank hacked daily motion password dump 87 mil Corp

9 Govt new zealand reforms spy laws? UK surveillance bill
brits petition to re-evaluate snooper bill Army bug bounty fs-isac dumps SOLTRA Ukraine torrent servers seized IRS wants coinbase to cough up identities DoD vuln disclosure policy CREDO confirms NSLs Internet Archive NSL SF transit infection rule 41 in effect don't communicate via Sources: new zealand reforms spy laws? UK surveillance bill Army bug bounty fs-isac dumps SOLTRA Ukraine torrent servers seized IRS wants coinbase to cough up identities DoD vuln disclosure policy CREDO confirms NSLs Internet Archive NSL brits petition to re-evaluate snooper bill SF transit infection rule 41 in effect don't communicate via Govt

10 Papers e-flavor is bad sec metrics NIST engineering guidance
sec metrics NIST engineering guidance NIST SMB guidance NIST osx guide coindesk state of blockchain q3 6 seconds to any card # fed reserve distributed ledger research Papers Sources: e-flavor is bad sec metrics NIST engineering guidance coindesk state of blockchain q3 NIST SMB guidance 6 seconds to any card fed reserve distributed ledger research NIST osx guide

11 WTF #pizzagate minecraft atari 2600 emulator
Blonde SuperFreak Steals the Magic Brain WTF Sources: #pizzagate minecraft atari 2600 emulator

12 how to on gmail / google / Yahoo
EFF 12 days of 2FA how to on gmail / google / Yahoo Tools Sources: EFF 12 days of 2FA how to on gmail/google / Yahoo

13 Future Cons ShmooCon 13-15 Jan
3 rounds sold out 4.19 / 2.73 / 2.28 seconds SANS Dallas 27 Feb-04 Mar CanSecWest Mar Hou.Sec.Con Mar BSides Austin SANS PenTest Austin 27 Mar-01 Apr Women in Cybersecurity 31 Mar-01 Apr InfoSec Southwest Apr BSides Nashville 22 Apr Future Cons Sources:

14 OWASP Dallas @OWASPDallas
( 1st Wednesday / Family Karaoke, dallas ) ( 1st Fri / Wild Turkey 35&WalnutHill, dallas ) The ( 2nd Monday + random events / TheLab.ms, plano ) OWASP ( 3rd Tuesday / location varies ) Crypto Party ( 3rd Thursday / Improving Enterprises, addison ) North Texas Cyber Security ( Last Thursday, Jakes, Frisco ) Dallas ( Random events / carrollton ) Hack Ft ( 3rd Thursday / ?? West 7th ?? Abby Pub) Lock Pick ( Last Monday/ Sherlocks arlington ) Sources:

15 Sources: All images scavenged without permission

