
  • Number of slides: 16

GNEWS PREVIOUS

Patch Tuesday
• Feb - 9 Patches – 3 Critical - 55 CVEs
• MS15-009 - Update for Internet Explorer
• MS15-010 - Windows Kernel-Mode Driver, Remote Code
• MS15-011 - Group Policy, Remote Code
• MS15-012 - Microsoft Office, Remote Code
• MS15-013 - Microsoft Office, Security Bypass
• MS15-014 - Group Policy, Security Bypass
• MS15-015 - Microsoft Windows, Privilege Escalation
• MS15-016 - Microsoft Graphics Component, Info Disclosure
• MS15-017 - Virtual Machine Manager, Privilege Escalation
• Other updates, MSRT, Defender Definitions, Junk Mail Filter

Holes / Patches
• Oracle
  – 159 CVEs
  – 8 Virtual Box
  – 9 MySQL
  – 19 Java
• Cisco
  – IOS Kernel Timer
  – Unified IP Phone 9900 multi-vuln
  – WebEx Meetings Server multi-vuln
  – AnyConnect xss
• Adobe
  – APSA15-02 – Flash Player (1)
  – APSB15-03 – Flash Player (2)
  – APSB15-04 – Flash Player (18)
• Apple
  – Apple TV 7.0.3
  – iOS 8.1.3
  – Safari 8.0.3, 7.1.3, 6.2.3
  – OSX 10.2 Security Update 2015-001
• VMWare
  – VMSA-2015-001 – vSphere cert validation (1)
  – VMSA-2015-002 – ESXi, WorkStation, Player, Fusion (8, openssl)
• VLC Player
  – XP Only, DEP violation / write access
• Verizon MyFIOS app
  – Email account exposure

Hacking
• GE SCADA switches have hard coded SSL key
• GmbH Harts multiple vulns
• Schneider more patches
• Schneider hardcoded passwds
• Daktronics hardcoded passwds
• Siemens Simatic PLC, patches
• Gas Station Hacking
• malware goes airborne
• KL-Remote
• AirPort Parking
• Progressive SnapShot
• McAfee ATD sandbox bypass
• look ma, i rooted the microwave
• router bricks
• godaddy

Hacking
• istegsiri
• lizardsquad dos stressor bugs
• Mozilla meta referrer
• tesla keyless start
• Apple 0-days
• fix for thunderbolt?
• android wifi direct
• GNU C Library
• blackphone bug
• adobe 0-day
• outlook app launched and shot
• BMW remote unlock
• ie xss 0-day
• Pirelli home routers vulnerable
• angler exploit kit

CORP
• Verizon / Turn UIDH (perma cookie)
• EFF Helpful App List
• Cookie program to be disbanded
• Google project zero drops two more bugs for MS
• Blue Cross TN uses data without consent
• Park N Fly (used at DFW)
• plex streaming on PS3/4
• ThreatStream Optic and Maltego plugin
• BitCoin comes to POS
• Bitcoin now on wall street
• windows 10 claims to be last upgrade ever
• Ships
• MasterCard, accepted everywhere, and now in cuba
• WingStop GP hacked
• Facebook censorship

Corp
• MS backs cyanogen??
• cause what can go wrong with wireless?
• reddit transparency report
• Bye RadioShack, thanks for all the signals
• Anthem 80 million breach
• GPG gets cash infusion
• Cheezburger transparency report
• turbo tax freezes state filing

Govt
• CFAA amendment
• Rise Up https://help.riseup.net/en/about-us
• Google and PWC to host .mil HIE
• ENISA EU Threat Report
• How does payment assistance really work?
• brits label journalists as threats
• barret brown - 63 months
• cops don't like trackers
• death of opt-in GPS??
• ToR 80% pedo
• rebirth of bad SAVE Act
• more on patriot expiration
• Canarywatch.org
• FCC Title ii
• DARPA Memex

Papers
• Crypto Currency block chain
  http://radar.oreilly.com/2015/01/understanding-the-blockchain.html
• more blockchain talk
  http://radar.oreilly.com/2015/01/the-3ps-of-the-blockchain-platforms-programs-and-protocols.html
  http://coincenter.org/2015/01/reporting-back-blockchain-workshops-mit-harvard/
• Automated Defense - Using Threat Intelligence to Augment
  https://www.sans.org/reading-room/whitepapers/threats/automated-defense-threat-intelligenceaugment-35692
• State of The Union Transcript
  http://www.securityorb.com/transcript-president-barack-obamas-state-union-speech
• Regin analysis
  http://securelist.com/blog/research/68438/an-analysis-of-regins-hopscotch-and-legspin/
• NSA best practices
  https://www.nsa.gov/ia/_files/factsheets/Defending_Against_Destructive_Malware.pdf
• NIST Crypto Guide
  http://www.healthcareinfosecurity.com/nist-revises-crypto-standards-guide-a-7831
  http://csrc.nist.gov/publications/drafts/nistir-7977/nistir_7977_second_draft.pdf
• NIST Mobile Applications
  http://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-163.pdf

Papers
• Scada history?
  https://www.sans.org/reading-room/whitepapers/physical/abbreviated-history-automation-industrialcontrols-system-cybersecurity-35697
• Cisco 2015 security report
  http://www.cisco.com/web/offers/pdfs/cisco-asr-2015.pdf
• MS info sharing guidelines
  http://blogs.microsoft.com/cybertrust/2015/01/27/putting-information-sharing-into-context/
• RSA Report
  http://www.emc.com/collateral/fraud-report/h13929-rsa-fraud-report-jan-2015.pdf?M=125EAA470C46-43EA-8607-9FACA6B1C627
• Detecting coin miners
  https://www.sans.org/reading-room/whitepapers/threats/detecting-crypto-currency-mining-corporateenvironments-35722
• The Integration of Information Security to FDA and GAMP 5 Validation Processes
  https://www.sans.org/reading-room/whitepapers/policyissues/integration-information-security-fdagamp-5-validation-processes-35732
• Ed Markey Senate report
  http://www.markey.senate.gov/imo/media/doc/2015-02-06_MarkeyReport.Tracking_Hacking_CarSecurity%202.pdf

WTF!?
• CASL "It is now illegal to install programs, such as malware, on someone's computer without consent."
  http://www.fightspam.gc.ca/eic/site/030.nsf/eng/home

Tools
• Flink (hadoop like analysis engine) https://flink.apache.org/
• PHP 5.6.5 http://php.net/
• R shinydashboard http://rstudio.github.io/shinydashboard/
• Hound (source code search) https://github.com/etsy/Hound
• GParted http://gparted.sourceforge.net/
• Army Dshell (forensics) https://github.com/USArmyResearchLab/Dshell
• capstone 3.0.1 (disassembly) http://capstone-engine.org/Version-3.0.1.html
• NST 20-6535 / Kali 1.1.0

Past Cons
• Guide http://securityintelligence.com/guide-to-2015-conferences-and-eventsfor-security-professionals
• Hack In Paris 2015 CFP
• Shmoo cottonmouth-1 vs turnipschool (usb cable)
• IE Heap protection bypass
• Shmoo videos https://archive.org/details/shmoocon-2015-videos-playlist
• HITB
• white-paper-using-intel-txt-attack-bioses
• white-paper-extreme-privilege-escalation-windows-8 uefi-systems

Future Cons
• B-Sides Austin 12 – 13 Mar
• CanSecWest 18 - 20 Mar
• InfoSec Southwest 10 – 12 Apr
• B-Sides Nashville 11 Apr
• B-Sides San Antonio ? May
• ThotCon 0x6 14 – 15 May
• PenTest Austin (SANS) 18 – 23 May
• DefCon 23 6 – 9 Aug

Local
• DHA (1st Wednesday / Tavern on Main, richardson)
• TX 2600 (1st Fri / Wild Turkey 35&WalnutHill, dallas) (1st Fri / 1418 Coffeehouse, plano)
• The Lab.MS (2nd Monday / varies, plano)
• Crypto Party (3rd Thursday / Improving Enterprises, addison)
• NAISG (4th Thursday / CrossPointe Theatre, carrollton)
• LockPick DFW (Last Monday / looking for new spot, dallas)
• Dallas MakerSpace Random / carrollton

All images scavenged without permission