PREVIOUS GNEWS Patch Tuesday Jun 2017

PREVIOUS GNEWS

Patch Tuesday Jun 2017 – 96 vulnerabilities with 331 unique dowloads • • • • Internet Explorer / Microsoft Edge Microsoft Windows Microsoft Office and Microsoft Office Services and Web Apps Silverlight Skype for Business and Lync Adobe Flash Player Windows 10 and Windows Server 2016 (including Microsoft Edge) / Remote Code Windows 8. 1 and Windows Server 2012 R 2 / Remote Code Windows Server 2012 / Remote Code Windows RT 8. 1 / Remote Code Windows 7 and Windows Server 2008 R 2 / Remote Code Windows Server 2008 / Remote Code Microsoft Office, Office Services, Office Web Apps, and other Office-related software / Remote Code Microsoft Silverlight / Remote Code Microsoft Lync and Skype for Business / Remote Code Adobe Flash Player / Remote Code

Holes / Patches • Oracle • – Due 18 Jul 2017 VMWare – VMSA-2017 -0009 ( 2 CVE) • • • – VMSA-2017 -0010 ( 2 CVE) Adobe – – APSB 17 -17 Flash Player ( 9 CVE) APSB 17 -18 Shockwave Player ( 1 CVE) APSB 17 -19 Captivate ( 1 CVE) APSB 17 -20 Digital Editions( 9 CVE) Android – 2017 -05 -01 ( 20 CVE) – 2017 -05 -05 ( 98 CVE) workstation • v. Sphere Data Protection – VMSA-2017 -0011 ( 1 CVE) • • Horizon View Client Apple – – – – i. OS 10. 3. 2 ( 55 CVE) Security Update 2017 -002 ( 44 CVE) watch. OS 3. 2. 2 ( 21 CVE) i. Tunes 12. 6. 1 for Windows ( 1 CVE) Safari 10. 1. 1 ( 27 CVE) i. Cloud for Windows 6. 2. 1 ( 1 CVE) tv. OS 10. 2. 1 ( 33 CVE)

Holes / Patches • HP audio driver with Key. Logger • MS bulletin site • Sudo 1. 86 p 7 – 1. 8. 20 w/ SELinux • Samba prior to 4. 4. x • cisco anyconnect prior to 4. 4. 02034 (windows) • 30 fixes in chrome 59

• WCry / Wana. Cry • evil subtitles • indexing azure • Jeep thefts • Raberry Pis vuln to lunix bug • More leaks, cia frameworks • shadow brokers going monthly? • keybase extension • rig EK shutdown • ATM now getting abused Hacking

• Chase payment outage. • Need for Cobol • Inter. Continental hack bigger than originally reported. • da font popped • chipotle popped (FW stores affected) • kmart popped • one login popped • hotels. com suspicous activity • twitter dropping donottrack? • square to replace DC taxi meters • Open. VPN audits Corp

• Cashless Sweden • Cyber Security Executive Order • Govt Pay averages 7 K less • Protecting our Ability To Counter Hacking (PATCH) Act • FL Dept of Agreculture and Consumer Services popped - CHL data • patent suit must be local • NV bans blockchain tax • Modernizing Government Technology Act, passes House • Apple NSL • OCR IR Checklist Govt

Understanding Pacemaker Systems Cybersecurity http: //blog. whitescope. io/2017/05/understanding-pacemaker-systems. html Papers

google auto photo sharing? shrooms are safest take off eh! WTF

Keychain. Cracker SITCH stingray detector maltrail Traffic analysis Labryneth ctf nix auditor forensics roll-up 22 tools Tools

st a s P on C Hack. Miami 19 -21 May Nola. Con 19 -21 May Circle City Con Indy 9 -11 Jun

Fu tur Co e ns ANYCon Albany 16 -18 Jun Black. Hat 22 -27 Jul BSides. LV 25 -26 Jul Def. Con 27 -30 Jul

DHA @Dallas_Hackers ( 1 st Wednesday / Family Karaoke, Dallas ) TX 2600 @dallas 2600 ( 1 st Fri / Wild Turkey 35&Walnut. Hill, Dallas ) The Lab. MS @The. Lab_ms ( 2 nd Saturday + random events / The. Lab. ms, Plano ) ISSA Fort Worth @ISSAFort. Worth ( 2 nd Tuesday / location varies ) Fort Worth Crypto Party ( 2 nd Tuesday ? / The Maker Spot, N. Richland Hills ) Hack Ft Worth @Hack_Ft. W ( 3 rd-ish Tuesday / Buffalo West, Fort Worth) OWASP Dallas @OWASPDallas ( 3 rd Tuesday / location varies ) Crypto Party DFW @Crypto. Party. DFW ( 3 rd Thursday / The. Lab. ms, Plano ) North Texas Cyber Security Group @ntxcsg ( Last Thursday, Jakes, Frisco ) Where Dallas Maker. Space @dallasmakers ( Random events / Carrollton ) Lock Pick DFW @Lock. Pick. DFW ( Last Monday/ Sherlocks Arlington )

All images scavenged without permission