2. PREVIOUSLY GNEWS

3. Patch Tuesday Nov - 12 Patches – 8 Critical – 60ish CVEs MS15-124 - Cumulative Security Update for IE, Remote Code MS15-125 - Cumulative Security Update for Edge, Remote Code MS15-126 - Cumulative Security Update for JScript and VBScript, Remote Code MS15-127 - Microsoft Windows DNS, Remote Code MS15-128 - Microsoft Graphics Component, Remote Code MS15-129 - Silverlight, Remote Code, Remote Code MS15-130 - Microsoft Uniscribe, Remote Code MS15-131 - Microsoft Office, Remote Code MS15-132 - Microsoft Windows, Remote Code MS15-133 - Windows PGM, Privilege Escalation MS15-134 - Windows Media Center, Remote Code MS15-135 - Windows Kernel-Mode Drivers, Privilege Escalation

4. Adobe –APSB15-29 ColdFusion ( 3 CVE) –APSB15-30 LiveCycle ( 1 CVE) –APSB15-31 Premiere Clip ( 1 CVE) –APSB15-32 Flash Player ( 77 CVE) Apple –Xcode 7.2 ( 4 CVE) –Safari 9.0.2 ( 12 CVE) –watchOS 2.1 ( 30 CVE) –OS X El Capitan ( 54 CVE) –tvOS 9.1 ( 48 CVE) –iOS 9.2 ( 50 CVE) MS –MS15-122 Radius issue Can bypass Bitlocker when pre-boot is diabled. –PUP detection coming to SCEP/FEP Cisco –NTP multiple vulns VMWare –VMSA-2015-0008 ( 1 CVE) Info disclosure OpenSSL ( 4 CVE) –1.0.2 / 1.0.1 –1.0.0 / 0.9.8 Holes / Patches

5. BadBarCode linux ransomeware (Linux.Encoder1) New PoS malware (ModPoS / CherryPicker PoS) Laserpointers not just for pointing at planes li-wi rootnik steals android data Hacking

6. fidelity charitable now does the bitcoin youtube now supporting fairuse Onlinecensorship.org FB reports govt requests on the rise EFF spying on students campaign MasterCard Hackathon dec 4-5 walmart drones Fossil Group buys Misfit Inc. (wearables) Swatch, now with payments eff luanched "bug bounty" Flash now called Animate MS to move to per core licensing? Corp

7. spy firm pricelist Dell ships root cert with private key, eDellRoot metropcs breach 10mil user data Starwood breach Hilton Breach Pearson VUE breach Amazon breach? VTech Breach something about talktalk Corp

8. Paris cops love conficker Germany Audit of Trucrypt DD-WRT is safe (for now) Dallas County leaks data NSL Europol sandbox Govt

9. ISIS OPSEC Guide (cause we like being on lists) http://www.wired.com/wp-content/uploads/2015/11/ISIS-OPSEC-Guide.pdf SafeCode Secure Software Dev Framework http://www.safecode.org/publication/SAFECode_Principles_for_Software_Assurance_Assessment.pdf McAfee (Intel Security) DarkWeb Report Yup, there is shit for sale. http://www.mcafee.com/us/resources/reports/rp-hidden-data-economy.pdf Papers

10. Signal (now for the desktop) ethereum (iot blockchain) vthreat platform (Attack simulation) SANS RITA (Real Intelligence Threat Analysis) nmap7 wireshark 2.0 MagSpoof Bug Bounty Program List http://www.vulnerability-lab.com/list-of-bug-bounty- programs.php raspi 0 ($5 pc) Tools

11. 32C3 - Germany ShmooCon – DC 15-17 Jan B-Sides Houston - ? Jan CanSecWest – Vancouver 16-18 Mar B-Sides Austin - 31-1 Mar-Apr InfoSec Southwest – Austin 8-10 Apr B-Sides OK – 09 Apr B-Sides Nashville – 16 Apr ThotCon 0x7 – Chicago 5-6 May B-Sides San Antonio? May Cons

12. DHA ( 1 st Wednesday / Family Karaoke, dallas ) TX2600 ( 1 st Fri / Wild Turkey 35&WalnutHill, dallas ) (1 st Fri / 1418 Coffeehouse, plano) The Lab.MS ( 2 nd Monday + random events / TheLab.ms, plano ) Crypto Party ( 3 rd Thursday / Improving Enterprises, addison ) NAISG replacement is coming ( ??? ) Dallas MakerSpace ( Random events / carrollton ) LockPick DFW ( we want to think it exists ) Local

13. All images scavenged without permission