Скачать презентацию Previous Gnews Patch Tuesday Jan 83 Скачать презентацию Previous Gnews Patch Tuesday Jan 83

1314b5028de7966ecbc4ec0500eee2ac.ppt

  • Количество слайдов: 14

Previous Gnews Previous Gnews

Patch Tuesday Jan – 83 KB Articles with 308 unique downloads • • • Patch Tuesday Jan – 83 KB Articles with 308 unique downloads • • • Reports of 16 Critical / 56 fixes Internet Explorer Microsoft Edge Microsoft Windows Microsoft Office and Microsoft Office Services and Web Apps SQL Server Chakra. Core. NET Framework. NET Core ASP. NET Core Adobe Flash

Holes / Patches • Oracle • VMWare – VMSA-2017 -0021 ( 4 CVE ) Holes / Patches • Oracle • VMWare – VMSA-2017 -0021 ( 4 CVE ) – Due out 16 Jan 2018 • ESXi, v. Center, Workstation, Fusion (multi) – VMSA-2018 -0001 ( 3 CVE ) • Adobe • v. Sphere Data Protection (multi) – VMSA-2018 -0002. 1 ( 2 CVE ) – APSB 18 -01 Flash Player ( 1 CVE) • ESXi, Workstation, Fusion (meltdown/spectre) – VMSA-2018 -0003 ( 3 CVE ) • v. Realize, Worksation, Tools – VMSA-2018 -0004 ( x CVE ) • • v. Sphere, Workstation, Fusion (meltdown/spectre) Apple – i. OS 11. 2. 2 ( 2 CVE) – Safari 11. 0. 2 (again) ( 2 CVE) – mac. OS High Sierra 10. 13. 2 Supplemental Update ( 2 CVE)

Holes / Patches • MS bundles bad password manager • Win 10 WPAD/PAC attack Holes / Patches • MS bundles bad password manager • Win 10 WPAD/PAC attack • Mac LPE vuln • Ubuntu 17. 10 bios • Lexmark printers • Thunderbird • Meltdown / Spectre

• Internet Chemotherapy --Dr Cyborkian • cyrpto currency sans blockchain • Wannacry attributed • Internet Chemotherapy --Dr Cyborkian • cyrpto currency sans blockchain • Wannacry attributed to NK • win 10 facial busted • AI whizkid • Bose / Sonos speaker take over • Intel ME • huawei 0 -day code goes public • Lisa source code to be released Hacking

• Proof. Point Acquires Cloud. Mark (isp / mobile) • thales buys gemalto • Proof. Point Acquires Cloud. Mark (isp / mobile) • thales buys gemalto • apple buys buildbuddy • Amazon to buy Target • QVC buys HSN • Proofpoint buys weblife (web mail protection) • verizon buys niddel • quicksilver buys billabong • Alteryx S 3 • Nissan Canada Finance popped 1. 13 mil • ancestry. com leak Corp

• Mozilla installs looking glass silently • Apple battery throttling? ? • Uber • Mozilla installs looking glass silently • Apple battery throttling? ? • Uber it's not just for cars anymore • OKCupid launches real-name policy • Driveless car testing in AZ • WD My. Cloud hardcoded creds • MS drops Kinect • WPA 3? Corp

• Municpal Fiber being contested • Norway drops FM band • Virus ban • Municpal Fiber being contested • Norway drops FM band • Virus ban lifted • GCHQ overdoes it • University of Michigan wins 3. 6 mil for MORPHEUS • FERC to expand breach reporting rules • China adopts wechat as ID • FB deletes accounts for govt • Records privacy change • DHS popped • Cali Neutrality Bill • New border inspection rules • FTC settles child privacy case Govt

s 3 hardening http: //resources. infosecinstitute. com/amazon-s 3 -buckets-hardening/ ccholarships http: //resources. infosecinstitute. com/scholarships-information-security-infosec-students/ s 3 hardening http: //resources. infosecinstitute. com/amazon-s 3 -buckets-hardening/ ccholarships http: //resources. infosecinstitute. com/scholarships-information-security-infosec-students/ have i been hacked https: //bash-prompt. net/guides/server-hacked/ Papers

largest prime number found Phantom Trolleys Armed with hammers White Noise Patent WTF largest prime number found Phantom Trolleys Armed with hammers White Noise Patent WTF

Threat. Hunting. net http: //www. threathunting. net/ Tools Invoke-PSImage https: //github. com/peewpw/Invoke-PSImage mobilecoin bye Threat. Hunting. net http: //www. threathunting. net/ Tools Invoke-PSImage https: //github. com/peewpw/Invoke-PSImage mobilecoin bye google https: //www. wired. com/story/mobilecoin-cryptocurrency/ https: //spreadprivacy. com/how-to-remove-google/ Ret. Decompiler goes Open. Source sublis 3 r - web subdomina enumeration https: //github. com/avast-tl/retdec https: //github. com/aboul 3 la/Sublist 3 r co. WPAtty hijacker - android wifi https: //sourceforge. net/projects/cowpatty/ https: //github. com/chrisk 44/Hijacker Haven nmap nse https: //play. google. com/store/apps/details? id=org. havenapp. main https: //twitter. com/bonsaiviking/status/950772687655309313

Fu tur Co e ns BSides. Austin 8 -9 Mar 2018 austin $30 Can. Fu tur Co e ns BSides. Austin 8 -9 Mar 2018 austin $30 Can. Sec. West 14 -16 Mar 2018 (passport) vancouver $2100 Hou. Sec. Con 4 Apr 2018 houston $65 Info. Sec Southwest 11 -13 Apr 2018 austin $190 BSides. OK 13 Apr 2018 (training on 11 -12) tulsa $FREE BSides. Nash 14 Apr 2018 nashville $? ? ? Atl. Sec. Con 26 -27 Apr 2018 (passport) halifax $160 Thot. Con 4 -5 May 2018 chicago $170 SOLDOUT Hack. Miami 18 -20 May 2018 miami $125+ Circle. City 1 -3 Jun 2018 indy $150 BSides. SATX 16 Jun 2018 san antonio $? ? ?

DHA @Dallas_Hackers ( 1 st Wednesday / Family Karaoke, Dallas ) TX 2600 @dallas DHA @Dallas_Hackers ( 1 st Wednesday / Family Karaoke, Dallas ) TX 2600 @dallas 2600 ( 1 st Fri / Wild Turkey 35&Walnut. Hill, Dallas ) The Lab. MS @The. Lab_ms ( 2 nd Saturday + random events / The. Lab. ms, Plano ) ISSA Fort Worth @ISSAFort. Worth ( 2 nd Tuesday / location varies ) Hack Ft Worth @Hack_Ft. W ( 3 rd-ish Tuesday / Buffalo West, Fort Worth) OWASP Dallas @OWASPDallas ( 3 rd Tuesday / location varies ) Crypto Party DFW @Crypto. Party. DFW ( 3 rd Thursday / The. Lab. ms, Plano ) North Texas Cyber Security Group @ntxcsg Where ( Last Thursday, Jakes, Frisco ) Dallas Maker. Space @dallasmakers ( Random events / Carrollton )

All images scavenged without permission All images scavenged without permission