2. 9 Patches – 2 Critical – 12 CVEs Affected – IE, Kernel, SharePoint, Remote Desktop, AD….. Other updates, MSRT, Defender Definitions, Junk Mail Filter –MS13-028 – Cumulative Security Update for Internet Explorer, Remote Code –MS13-029 – Remote Desktop Client, Remote Code –MS13-030 – SharePoint, Info Disclosure –MS13-031 - Windows Kernel, Privilege Escalation –MS13-032 – Active Directory, DoS –MS13-033 – Windows Client/Server Run-time Subsystem (CSRSS), Privilege Escalation –MS13-034 – Microsoft Antimalware Client, Privilege Escalation –MS13-035 – HTML Sanitation Component, Privilege Escalation –MS13-036 – Kernel-Mode Drivers, Privilege Escalation Patch Tuesday

3. Oracle, Due April 16 Adobe –APSB13-10 – ColdFusiont  2 CVEs –APSB13-11 – Adobe Flash Player  4 CVEs –APSB13-12 – Adobe Shockwave Player  4 CVEs Apple, –Security Update 2013-001 –Safari 6.0.3 –iOS 6.1.3 –Apple TV 5.2.1 Cisco –Cisco Connected Grid Network Management System, multiple vulns –IOS, multiple vulns –VPN Client, DoS Holes / Patches

4. Postgres Apple credits evaders for exploits FB Events exposes data sKype / dropbox to FB redirection hole Holes

5. carna botnet scans world with nmap Yahoo accounts used to spread andriod malware Evernote as command and control holy mossad? Anonymous claims hack on agency website apple id and password modification, fixed and hacked again spamhaus DDoS american express DDoS Amazon S3 has holes, data leak exposes sales data, game source code, personal photos, etc. kerbs and emergency center attacks ATM malware Scribd passwords Holes / Hacking

6. Corp FIDO Stanadard claims an end to passwords (paypal, lenovo, ….) Windows Blue leaked on-line MS claims skype did not hand over data to law enforcement paypal / ebay 86 vmware, go openstack Energy companies reported to be attacked the most Bitcoin exchange ddos, elsewhare price tops $140 per bitcoin Genetic Alliance to Launch Reg4All, (do not call registry for medical data) Google to change patent policy, won’t pursue violations (10 patents with opensource software) cloud based scada really??? wordpress now with 2fa hulu looking for buyers FF tracking cookie foo

7. DoJ wants more access to data NSLs with gag-order ruled unconstitutional CA bill to require warrant for electronic communications CA Law to allow users knowledge of and access to data Apple to reject apps that access UUID FISMA passed (Federal Information Security Amendments Act) EFF calls for opposition of CFAA reform draft (Computer Fraud and Abuse Act ) two factor auth for apple ids IBM materials developers may have new chip based on ionic currents 3d printing not on ATF radar Credit Card net take down 40 arrested FBI stingray s korea to repeal 3 strike copyright law Legal

8. Can't patent Math Georgia censorship order, blogger responsible to 3 rd party comments Russia select blocking of internet Legal 2

9. malicious DNS https://www.sans.org/reading_room/whitepapers/dns/detecting-malicious-dns-traffic_34152 airNIDS https://www.sans.org/reading_room/whitepapers/detection/airnids-intrusion-detection-wireless-ether_34147 ips evasion https://www.sans.org/reading_room/whitepapers/intrusion/beating-ips_34137 mod_rewrite https://www.sans.org/reading_room/whitepapers/intrusion/web-log-analysis-defense-mod_rewrite_34127 mem forensics https://www.sans.org/reading_room/whitepapers/forensics/indicators-compromise-memory-forensics_34162 IBM xforce threat report http://www-03.ibm.com/security/xforce/downloads.html 2012 HP Risk Report http://www.hpenterprisesecurity.com/collateral/whitepaper/HP2012CyberRiskReport_0313.pdf boot processes http://resources.infosecinstitute.com/windows-booting-process/ intro to x64 assembly http://software.intel.com/sites/default/files/m/d/4/1/d/8/Introduction_to_x64_Assembly.pdf Hacking aircraft http://commandercat.com/2013/04/hitb2013.html Papers

10. Java Snoop TAILS (anonymous live cd) RAM Capture snort community ruleset batman routing protocol (mesh network) tools

11. Political correctness Two people lose jobs cause chic mis-interpreted a personal conversation, albeit in a public locale death to hackers NATO Cyber Warfare report British intelligence agency called out for plain text passwords Mesh ipv6 lightbulb, zigbee protocol WTF

12. Symantec - Dallas Security and Compliance User Group InfoSec SouthWest 2013 April 19 – 21 http://2013.infosecsouthwest.com/speakers.html CON Events

13. All images scavenged without permission