

  • Number of slides: 14

GN PR EW EV S IO US

Patch Tuesday
• Apr - 8 Patches – 2 Critical - 45 CVEs
• MS15-056 - Cumulative Security Update for IE, Remote Code
• MS15-057 - Windows Media Player, Remote Code
• MS15-059 - Office, Remote Code
• MS15-060 - Common Controls, Remote Code
• MS15-061 - Kernel-Mode Drivers, Privilege Escalation
• MS15-062 - ADFS, Privilege Escalation
• MS15-063 - Windows Kernel, Privilege Escalation
• MS15-064 - Exchange, Privilege Escalation
• Other updates, MSRT, Defender Definitions, Junk Mail Filter

Mo’ Micro’
• MS15-011 GPO still vulnerable?
• Just when you thought you could trust MS
• Embedded C&C address on TechNet
• MS adds search protection to malware attributes
• Windows 10 and Edge features
  • MemGC (Memory Garbage Collection), use-after-free defense
  • CFG (Control Flow Guard), jump governor
  • EPM (Enhanced Protected Mode) – app container sandbox
  • "Thus Microsoft Edge provides no support for VML, VB Script, Toolbars, BHOs, or ActiveX." --- points to html 5
• win 10 sec features
  • App Store vetting
  • ‘Windows Hello’, biometric auth
  • ‘Device Guard’, non signed application blocking
  • Passport, two-factor-ish??
• PFS comes to Windows via Update 3042058
• SSH comes to Powershell

Holes / Patches
• Oracle
• Cisco – 14 Jul
• Adobe – APSB15-11 Flash Player (13 CVE) – The Good Watch OS 1.01 (13 CVE) – The Bad
• VMWare – VMSA-2015-0004 Fusion and Horizon View (7 CVE)
• Apple
• – TelePresence – FireSIGHT Apple Watch, 1 second window iPhone string DoS apple suspend resume flaw
• Pidgin, multiple vulns
• VirtualBox Patch for Venom

Hacking
• Google App Engine
• Android address bar spoof
• Android reset exposes data
• Plane hacks not only in lab
• CSRF in wind turbines
• Mass car lock disruption
• IM-ME hacks all the garages
• trojanized putty in wild
• Logjam - another ssl vuln
• GiftCard race conditions and eternal hate toward notification
• NetUSB on soho routers vuln
• soho csrf via dns
• dlink storage
• Linux.Moose
• mumblehard - linux/freebsd
• NitlovePOS via spam campaigns
• ransomware auth, drops keys
• tox SaaS ransomware
• stegosploit
• keybase
• Drug pump update, can change dosage

Corp
• Penn State disconnects after china attack
• AFF Hacked – Politicians called out
• IRS breach
• FF Smart TV
• Uber, plaintext passwd via email
• NYXBT - bitcoin index
• Dynamic CVV??
• Hyundai offers android in car
• Threat intel and the lie of sharing
• PaloAlto buys CirroSecure
• Hot Topic buys Thinkgeek
• Nokia to buy Alcatel/Lucent
• Google attempts to address excessive app permissions
• Intel joins FIDO alliance
• FB PGP
• FB forces sha2 after oct 1
• Ikea to sell "hacking kits"
• Tesla bug bounty

Govt
• Security as munitions redux - Wassenaar Agreement, bad mod to CFAA
  – "Specifically, the BIS proposal seeks to regulate and control the export of what it calls intrusion software..."
• bye-bye bug bounties, hello wassenaar
• Anti-SLAPP Bill
• VA state launches car hacking project
• CA County sheriff like the stingray
• 215 not reauthorized
• California bitcoin bill
• OPM breach, 4 mil feds

Papers
• IEEE Medical Guidance
  https://threatpost.com/researchers-ieee-release-medical-device-security-guidelines/112885
• Federal Regulations on Energy Grid
  http://www.securityorb.com/the-impact-of-federal-regulations-on-the-information-assurance-of-the-north-americanelectrical-energy-grid/
  http://www.securityorb.com/the-impact-of-federal-regulations-on-the-information-assurance-of-the-north-americanelectrical-energy-grid-part-2-of-2/
• no more passwd cracking
  https://www.meshekah.com/research/publications_files/tr_ersatz_passwords.pdf
• IC3 crime report
  http://www.fbi.gov/news_blog/2014-ic3-annual-report
• maturity model
  https://www.sans.org/reading-room/whitepapers/modeling/improving-detection-prevention-response-security-maturitymodeling-35985
• ponemon breach cost study
  http://public.dhe.ibm.com/common/ssi/ecm/se/en/sew03053wwen/SEW03053WWEN.PDF

WTF!?
• Subway dye sprayer
• http://www.wearealwayslistening.com/
• Slow crime day? Scotland Yard frets xfiles

• DataApp mobile data sniffer
• PTF pentesters framework
• openOCD 0.9.0 debugger
• Intercept launches firstlook.org open code repo
  • AutoCanary
  • PDF Redact Tools

Past Cons
• HITB Amsterdam PeopleSoft
• Information Warfare Summit (IWS) 7 Oct 2015 OKC
• showmecon
• ThotCon 0x6
• PenTest Austin (SANS)

Future Cons
• DefCon 23 6 – 9 Aug
• SCADA Nexus 2-3 Sep
• Hacker Halted 13 Sep
• DerbyCon 23-27 Sep
• IT Security one2one Summit
• Root-66 B-Sides DFW 3 Nov TBD 4-6 Oct

• DHA ( 1st Wednesday / Tavern on Main, richardson )
• TX 2600 ( 1st Fri / Wild Turkey 35&WalnutHill, dallas ) (1st Fri / 1418 Coffeehouse, plano)
• The Lab.MS ( 2nd Monday / varies, plano )
• Crypto Party ( 3rd Thursday / Improving Enterprises, addison )
• NAISG ( 4th Thursday / CrossPointe Theatre, carrollton )
• LockPick DFW Local ( Last Monday / looking for new spot, dallas )
• Dallas MakerSpace Random / carrollton

All images scavenged without permission