1. Previous Gnews
All images scavenged without permission

2. Patch Tuesday May – 69 CVE / 67 KB Articles with 1276 unique downloads
Reports of 16 Critical / 56 fixes
Internet Explorer
Microsoft Edge
Microsoft Windows
Microsoft Office and Microsoft Office Services and Web Apps
ChakraCore
Adobe Flash Player
.NET Framework
Microsoft Exchange Server
Windows Host Compute Service Shim
DoubleKill IE 0-day??
Force Win10 April Update
Win10 GPO Trickery
Sources:
No longer working
Doublekill ie 0-day
win 10 april update
Windows 10 GPO tricks

3. Holes / Patches VMWare Oracle Apple Adobe Cisco
VMSA ( 2 CVE )
vRealize Automation
VMSA ( 1 CVE )
Horizon DaaS
Apple
iOS ( 4 CVE)
Security Update macOS High Sierra ( 3 CVE )
Safari 11.1 ( 2 CVE)
Security Update Swift ( 1 CVE)
Trustjacking via iOS WiFi-Sync (RSA)
Cisco
Webex ( 7 CVE )
Remote execution via flash and others
SAML ( 1 CVE )
AnnyConnect, ASA, Firepower Threat Detect
Oracle
254 fixes
Meltdown/Spectre (3 CVE )
Java (14 CVE )
MySQL (33 CVE )
Sun (14 CVE )
Adobe
APSB18-08 Flash Player ( 6 CVE )
APSB18-10 Experience Mgr ( 3 CVE )
APSB18-11 InDesign ( 2 CVE )
APSB18-12 Creative Cloud Desktop Application ( 3 CVE )
APSB18-13 Digital Editions ( 2 CVE )
APSB18-14 Clod Fusion ( 5 CVE )
APSB18-15 PhoneGap Plugin ( 1 CVE )
APSB18-16 Flash Player ( 1 CVE )
APSB Connect ( 1 CVE )
Sources:
## Oracle Patches
##Adobe Patches
##Apple patches
ios sync glitch
ios
##Cisco patches
webex in meeting attack via flash
Cisco SAML
## VMWare
## Android

4. Hacking total meltdown exploit abbott pace makers
outlook ole rtf oh my
BSOD USB (requires autoplay)
coinsecure loses 3 mil
crypto mining now on closed browsers
airgapped cyrpto theft
big fish, little thermometer
Minecraft infection
"upatchable" switch hack
WD nas leaks files
hotel master key
evil maid detection (macbook)
Apple home wifi
VW car hacking
lojack backdoor???
Hacking
Sources:
total meltdown exploit
abbott pace makers
outlook ole rtf oh my
BSOD USB (requires autoplay)
coinsecure loses 3 mil
crypto mining now on closed browsers
airgapped cyrpto theft
big fish, little themometer
Minecraft infection
"upatchable" switch hack
WD nas leaks files
hotel master key
evil maid detection (macbook)
Apple home wifi
VW car hacking
lojack backdoor???

5. Corp nike buys zodiac inc (analytics) and invertex ltd (imaging)
square buys weebly (365 mil)
Tmobile buys Sprint (26.5 bil)
Global Telco Security Alliance (singapore, japan, span, uae)
Cybersecurity Tech Accord (MS and 33 other corp)
Bad Mongo exposes cryptocurrency users
redbull popped
Github exposes passwords
twitter dumps creds to internal log
SaMD
Cambridge redux
Cambridge shuts down
NSA reports non-use of 0-days
Blu settles
FB history option
developer COCs
Sources:
nike buys zodiac inc (analytics) and invertex ltd (imaging)
square buys weebly (365 mil)
Tmobile buys Sprint (26.5 bil)
Global Telco Security Alliance (singapore, japan, span, uae)
Cybersecurity Tech Accord
Bad Mongo exposes cryptocurrency users
redbull popped
Github exposes passwords
twitter dumps creds to internal log
SaMD
Cambridge redux
Cambridge shuts down
NSA reports non-use of 0-days
Blu settles
FB history option
developer COCs
amazon / signal
Corp

6. Govt internetting is not a crime PCI cloud guidelines PCI change looms
accessing public data
PCI cloud guidelines
PCI change looms
webstresser.org takedown
NIST Updates Critical Infrastructure framework (supplychain)
Apple talks to CA autonomous cars
GA now looking at hackback bill
ThaiCERT seizes hidden cobra server
China standard on Personal Info Security
More ICE manuals leaked
Sources:
interneting is not a crime
PCI cloud guidelines
PCI change looms
webstresser.org takedown
NIST Updates Critical Infrstructure framework (supplychain)
Apple talks to CA autonomous cars
GA now looking at hackback bill
ThaiCERT seizes hidden cobra server
China standard on Personal Info Security
More ICE manuals leaked
Govt

7. HITB - how andriod hides updates
cyber bully
oem patching?
HITB - how andriod hides updates
gondala control
ToS hell
WTF
Sources:
cyber bully
oem patching?
HITB - how andriod hides updates
gondala control
ToS hell

8. Past Cons InfoSec Southwest BSides OK RSA - MS Security Graph API
RSA - hacking med devices
RSA Attendee DB exposed
Past Cons
Sources:
RSA - MS Security Graph API
RSA - hacking med devices
RSA Attendee DB exposed

9. Future Cons HackMiami 18-20 May 2018 miami $125+
CircleCity 1-3 Jun 2018  indy  $150
ShowMeCon 7-8 Jun St.Charles MO
614Con Jun Colombus OH
BSidesSATX 16 Jun 2018  san antonio  $???
Shakacon Jul Honolulu
HOPE Jul NYC
BlackHat 4-9 Aug Vegas
BSidesLV 7-8 Aug Vegas
DefCon 9-12 Aug Vegas
Future Cons
Sources:

10. Where DHA @Dallas_Hackers TX2600 @dallas2600 The Lab.MS @TheLab_ms
( 1st Wednesday / Family Karaoke, Dallas )
TX2600 @dallas2600
( 1st Fri / Wild Turkey 35&WalnutHill, Dallas )
The Lab.MS @TheLab_ms
( 2nd Saturday + random events / TheLab.ms, Plano )
ISSA Fort Worth @ISSAFortWorth
( 2nd Tuesday / location varies )
Hack Ft Worth @Hack_FtW
( 3rd-ish Tuesday / Buffalo West, Fort Worth)
OWASP Dallas @OWASPDallas
( 3rd Tuesday / location varies )
Crypto Party DFW @CryptoPartyDFW
( 3rd Thursday / TheLab.ms, Plano )
North Texas Cyber Security Group @ntxcsg
( Last Thursday, Jakes, Frisco )
Dallas MakerSpace @dallasmakers
( Random events / Carrollton )
Sources:
Where

11. Sources: All images scavenged without permission