Download presentation
Presentation is loading. Please wait.
1
Previous Gnews All images scavenged without permission
2
Patch Tuesday Jan – 83 KB Articles with 308 unique downloads
Reports of 16 Critical / 56 fixes Internet Explorer Microsoft Edge Microsoft Windows Microsoft Office and Microsoft Office Services and Web Apps SQL Server ChakraCore .NET Framework .NET Core ASP.NET Core Adobe Flash Sources: No longer working
3
Holes / Patches VMWare Oracle Adobe Apple VMSA-2017-0021 ( 4 CVE )
ESXi, vCenter, Workstation, Fusion (multi) VMSA ( 3 CVE ) vSphere Data Protection (multi) VMSA ( 2 CVE ) ESXi, Workstation, Fusion (meltdown/spectre) VMSA ( 3 CVE ) vRealize, Worksation, Tools VMSA ( x CVE ) vSphere, Workstation, Fusion (meltdown/spectre) Apple iOS ( 2 CVE) Safari (again) ( 2 CVE) macOS High Sierra Supplemental Update ( 2 CVE) Oracle Due out 16 Jan 2018 Adobe APSB18-01 Flash Player ( 1 CVE) Sources: ## Oracle Patches ##Adobe Patches ##Apple patches ##Cisco patches ## VMWare ## Android
4
Holes / Patches MS bundles bad password manager Win 10 WPAD/PAC attack
Mac LPE vuln Ubuntu bios Lexmark printers Thunderbird Meltdown / Spectre Sources: MS bundles bad password manager Win 10 WPAD/PAC attack Mac LPE vuln ubuntu bios Laexmark printers Thunderbird Meltdown / Spectre related linux page isolation Details patch issues MS 16 Criticals / 56 fixes
5
Hacking Internet Chemotherapy --Dr Cyborkian
cyrpto currency sans blockchain Wannacry attributed to NK win 10 facial busted AI whizkid Bose / Sonos speaker take over Intel ME huawei 0-day code goes public Lisa source code to be released Hacking Sources: Internet Chemotherapy --Dr Cyborkian cyrpto currency sans blockchain Wannacry attributed to NK win 10 facial busted AI whizkid Bose / Sonos speaker take over Intel ME huawei 0-day code goes public Lisa source code to be released
6
Corp ProofPoint Acquires CloudMark (isp / mobile) thales buys gemalto
apple buys buildbuddy Amazon to buy Target QVC buys HSN Proofpoint buys weblife (web mail protection) verizon buys niddel quicksilver buys billabong Alteryx S3 Nissan Canada Finance popped 1.13 mil ancestry.com leak Sources: ProofPoint Acquires CloudMark (isp / mobile) thales buys gemalto apple buys buildbuddy Amazon to buy Target or QVC buys HSN Proofpoint buys weblife (web mail protection) verizon buys niddel quicksilver buys billabong Alteryx S3 Nissan Canada Finance popped 1.13 mil ancestry.com leak Mozilla installs looking glass silently Apple battery throttling?? response Uber it's not just for cars anymore OKCupid launches real-name policy Driveless car testing in AZ WD MyCloud hardcoded creds MS drops Kinect WPA3? Corp
7
Corp Mozilla installs looking glass silently
Apple battery throttling?? Uber it's not just for cars anymore OKCupid launches real-name policy Driveless car testing in AZ WD MyCloud hardcoded creds MS drops Kinect WPA3? Sources: ProofPoint Acquires CloudMark (isp / mobile) thales buys gemalto apple buys buildbuddy Amazon to buy Target or QVC buys HSN Proofpoint buys weblife (web mail protection) verizon buys niddel quicksilver buys billabong Alteryx S3 Nissan Canada Finance popped 1.13 mil ancestry.com leak Mozilla installs looking glass silently Apple battery throttling?? response Uber it's not just for cars anymore OKCupid launches real-name policy Driveless car testing in AZ WD MyCloud hardcoded creds MS drops Kinect WPA3? Corp
8
Govt Municpal Fiber being contested Norway drops FM band
Virus ban lifted GCHQ overdoes it University of Michigan wins 3.6 mil for MORPHEUS FERC to expand breach reporting rules China adopts wechat as ID FB deletes accounts for govt Records privacy change DHS popped Cali Neutrality Bill New border inspection rules FTC settles child privacy case Sources: Municpal Fiber being contested Norway drops FM band virus ban lifted GCHQ overdoes it University of Michigan wins 3.6 mil for MORPHEUS FERC to expand breach reporting rules China adopts wechat as ID FB deletes accounts for govt Records privacy change DHS popped Cali Neutrality Bill new border inspection rules FTC settles child privacy case Govt
9
https://bash-prompt.net/guides/server-hacked/
s3 hardening ccholarships have i been hacked Papers Sources: s3 hardening Scholarships have i been hacked
10
WTF largest prime number found Phantom Trolleys Armed with hammers
White Noise Patent WTF Sources: largest prime number Phantom Trolleys Armed with hammers CND
11
Tools ThreatHunting.net Invoke-PSImage bye google mobilecoin
sublis3r - web subdomina enumeration hijacker - android wifi nmap nse ThreatHunting.net Invoke-PSImage mobilecoin RetDec Decompiler goes OpenSource coWPAtty Haven Sources: ThreatHunting.net Invoke-PSImage mobilecoin RetDec Decompiler goes OpenSource coWPAtty Haven bye google sublis3r - web subdomina enumeration hijacker - android wifi nmap nse
12
Future Cons BSidesAustin 8-9 Mar 2018 austin $30
CanSecWest Mar 2018 (passport) vancouver $2100 HouSecCon 4 Apr 2018 houston $65 InfoSec Southwest Apr 2018 austin $190 BSidesOK 13 Apr 2018 (training on 11-12) tulsa $FREE BSidesNash 14 Apr 2018 nashville $??? AtlSecCon Apr 2018 (passport) halifax $160 ThotCon 4-5 May 2018 chicago $170 SOLDOUT HackMiami May 2018 miami $125+ CircleCity 1-3 Jun 2018 indy $150 BSidesSATX 16 Jun 2018 san antonio $??? Future Cons Sources:
13
Where DHA @Dallas_Hackers TX2600 @dallas2600 The Lab.MS @TheLab_ms
( 1st Wednesday / Family Karaoke, Dallas ) TX2600 @dallas2600 ( 1st Fri / Wild Turkey 35&WalnutHill, Dallas ) The Lab.MS @TheLab_ms ( 2nd Saturday + random events / TheLab.ms, Plano ) ISSA Fort Worth @ISSAFortWorth ( 2nd Tuesday / location varies ) Hack Ft Worth @Hack_FtW ( 3rd-ish Tuesday / Buffalo West, Fort Worth) OWASP Dallas @OWASPDallas ( 3rd Tuesday / location varies ) Crypto Party DFW @CryptoPartyDFW ( 3rd Thursday / TheLab.ms, Plano ) North Texas Cyber Security Group @ntxcsg ( Last Thursday, Jakes, Frisco ) Dallas MakerSpace @dallasmakers ( Random events / Carrollton ) Sources: Where
14
Sources: All images scavenged without permission
Similar presentations
