Download presentation
Presentation is loading. Please wait.
1
Previous Gnews All images scavenged without permission
2
Patch Tuesday Jun – 50 CVE / 41 KB Articles with 777 unique downloads
Reports of 5 Critical Internet Explorer Microsoft Edge Microsoft Windows Microsoft Office and Microsoft Office Services and Web Apps ChakraCore Adobe Flash Player Microsoft Office 2016 for Mac Sources: No longer working Doublekill ie 0-day win 10 april update Windows 10 GPO tricks
3
Holes / Patches VMWare Oracle Adobe Apple Cisco Google
VMSA ( 1 CVE ) VMware NSX SD-WAN Command Injection VMSA ( 1 CVE ) vSphere, Workstation and Fusion VMSA ( 2 CVE ) Workstation and Fusion DoS VMSA ( 1 CVE ) Horizon Client Privilege Escalation VMSA ( 1 CVE ) AirWatch Agent RCE Cisco Digital Network Architecture (DNA) Center platform ( 7 CVE ) Auth bypass Google Android 11 Fixes Chrome 34 Fixes Re-CAPTACH bypass fixed Oracle Due out in July Adobe APSB18-09 Acrobat / Reader ( 47 CVE ) APSB18-17 Photoshop CC ( 1 CVE ) APSB18-19 Flash Player ( 4 CVE ) Apple Xcode ( 2 CVE) iCloud for Windows 7.5 ( 15 CVE ) Safari ( 13 CVE) Security Update ( 32 CVE) iOS 11.4 ( 35 CVE) watchOS ( 20 CVE) iTunes for Windows ( 16 CVE) tvOS 11.4 ( 24 CVE) Sources: ## Oracle Patches ##Adobe Patches ##Apple patches security-updates-for-macos / ##Cisco patches -Cisco ## VMWare ## Android -Google 11 fixes in June -Google fixes re-captch bypass -Chrome gets 34 bug fixes
4
Holes PGP issues (email/mime) Samsung s9 Redhat DHCP Client
Windows Windows 10 SSH broken 0365 to block flash Xfinity patch Dell/SMC recoverypoint bugs Git vulns steam, finally patches 10 yr bug Adobe 0-day wireshark RCE bootloader on OnePlus 6 Holes Sources: PGP issues Samsung s9 Redhat DHCP Client Windows Windows 10 SSH broken Extract private keys in Win10 Xfinity patch Dell/SMC recoverypoint bugs 0365 to block flash Git vulns steam, finally patches 10 yr bug Adobe 0-day wireshark RCE bootloader on OnePlus 6
5
Hacking TreasureHunter POS Malware source code leaked
upnp ddos amplification voice-squatting (phonetic similarity) VPN Filter bitgoin gold loses 18mil in double spend attack zwave downgrade attack SQL as a C&C Sonic HDD attack AMD SEV attack BMW, latest car to hack FB side-channel attack jscript 0-day Conatiner ships still easy Zip Slip bug Hacking Sources: TreasureHunter POS Malware source code upnp ddos amplification voice-squatting VPN Filter bitgoin gold - 18mil in double spend attack zwave downgrade attack SQL as a C&C Sonic HDD attack AMD SEV attack BMW, latest car to hack FB side-channel attack jscript 0-day Conatiner ships still easy Zip Slip bug
6
Corp ATT / Time Warner merger MS to buy Github? adobe to buy magneto
still more spectre pornhub vpn is free for all Google drone AI doc leaked Google Drone contract, non-renewal Sources: ATT / Time Warner merger MS to buy Github? adobe to buy magneto still more spectre pornhub vpn is free for all Google drone AI doc leaked Google Drone contract, non-renewal Corp
7
Corp breaches don't matter Chili's popped Securus popped
LocationSmart leaks location data TeenSafe leak, unsecured servers appleid passwords coke data breach TicketFly popped Honda Connect S3 bucket, unsecured (50K users) Fortune 500s leak data via G-Suite Groups MyHeritage, popped (92mil) syndicate wallet popped (10mil) coinrail popped (40mil) Weigthwatchers s3 bucket Sources: breaches don't matter Chili's popped Securus popped LocationSmart leaks location data TeenSafe leak, unsecured servers appleid passwords coke data breach TicketFly popped Honda Connect S3 bucket, unsecured (50K users) Fortune 500s leak data via G-Suite Groups MyHeritage, popped (92mil) syndicate wallet popped (10mil) coinrail popped (40mil) Weigthwatchers s3 bucket Corp
8
Govt Senate repeals net neutrality repeal
FB / Equifax lawyer to run Bureau of consumer protection CA congressional debate, now with gay porn AZ modifies notification law, from timely notice to 45 day notice shocker, disparate rules won't work CA S.B.822 for net neutrality Privacy Act amendment via NDAA rider DOE to step up security efforts COPPA deletion rules, Like GDPR but only for kids EU copyright proposal Oregon data breach law modifications Louisiana data breach law modifications Colorado data breach law modifications Sources: Senate repeals netneutrality repeal FB / Equifax lawyer to run Bureau of consumer protection CA congressional debate, now with gay porn AZ modifies notification law, from timely notice to 45 day notice shocker, disparate rules won't work CA S.B.822 for net neutrality Privacy Act amendment via NDAA rider DOE to step up security efforts COPPA deletion rules, Like GDPR but only for kids EU copyright proposal Oregon data breach law modifications Louisiana data breach law modifications Colorado data breach law modifications Govt
9
Papers PCI v3.2.1 dropped DHS Cybersecurity Strategy 2018
DHS Cybersecurity Strategy 2018 FIFA public Wireless Guidelines Sources: PCI v3.2.1 dropped DHS Cybersecurity Strategy 2018 FIFA public Wireless Guidelines
10
WTF plano now with terrorists 15 years for buying a ddos campaign
ICANN GDPR Lawsuit Trump can pardon himself WTF Sources: plano now with terrorists 15 years for buying a ddos campaign ICANN GDPR Lawsuit Trump can pardon himself
11
Tools Privacy Bandger now with less FB wifi hackling round-up
InfosecInstitute launches subscription training library Tools Sources: Privacy Bandger now with less FB wifi round-up InfosecInstitute launches subscription training library
12
Past Cons HackMiami 18-20 May 2018 miami $125+
CircleCity 1-3 Jun 2018 indy $150 ShowMeCon 7-8 Jun St.Charles MO Past Cons Sources:
13
Future Cons 614Con 14-15 Jun Colombus OH
BSidesSATX 16 Jun 2018 san antonio $??? Shakacon Jul Honolulu HOPE Jul NYC BlackHat 4-9 Aug Vegas BSidesLV 7-8 Aug Vegas DefCon 9-12 Aug Vegas Future Cons Sources:
14
Where DHA @Dallas_Hackers TX2600 @dallas2600 The Lab.MS @TheLab_ms
( 1st Wednesday / Family Karaoke, Dallas ) TX2600 @dallas2600 ( 1st Fri / Wild Turkey 35&WalnutHill, Dallas ) The Lab.MS @TheLab_ms ( 2nd Saturday + random events / TheLab.ms, Plano ) ISSA Fort Worth @ISSAFortWorth ( 2nd Tuesday / location varies ) Hack Ft Worth @Hack_FtW ( 3rd-ish Tuesday / Buffalo West, Fort Worth) OWASP Dallas @OWASPDallas ( 3rd Tuesday / location varies ) Crypto Party DFW @CryptoPartyDFW ( 3rd Thursday / TheLab.ms, Plano ) North Texas Cyber Security Group @ntxcsg ( Last Thursday, Jakes, Frisco ) Dallas MakerSpace @dallasmakers ( Random events / Carrollton ) 0-day All ( Quarterly / DFW) Sources: Where
15
Sources: All images scavenged without permission
Similar presentations
