Apr - 11 Patches – 4 Critical - 26 CVEs MS15-032 - Cumulative Security Update for IE MS15-033 - Office, Remote Code MS15-034 - HTTP.sys,

• Apr - 11 Patches – 4 Critical - 26 CVEs

• MS15-032 - Cumulative Security Update for IE

• MS15-033 - Office, Remote Code

• MS15-034 - HTTP.sys, Remote Code

• MS15-035 - Graphics Component, Remote Code

• MS15-036 - SharePoint Server, Privilege Escalation

• MS15-037 - Windows Task Scheduler, Privilege Escalation

• MS15-038 - Windows, Privilege Escalation

• MS15-039 - XML Core Services, Security Bypass

• MS15-040 - Active Directory Federation Services, Info Disclosure

• MS15-041 - .NET Framework, Info Disclosure

• MS15-042 - Hyper-V, DoS

Other updates, MSRT, Defender Definitions, Junk Mail Filter

Patch Tuesday

• May - 13 Patches – 3 Critical - 48 CVEs

• MS15-043 - Cumulative Security Update for IE

• MS15-044 - Font Drivers, Remote Code

• MS15-045 - Journal, Remote Code

• MS15-046 - Office, Remote Code

• MS15-047 - SharePoint Server, Remote Code

• MS15-048 - .NET Framework, Privilege Escalation

• MS15-049 - Silverlight, Privilege Escalation

• MS15-050 - Service Control Manager, Privilege Escalation

• MS15-051 - Kernel-Mode Drivers, Privilege Escalation

• MS15-052 - Kernel, Security Bypass

• MS15-053 - JScript and VBScript Scripting Engines, Security Bypass

• MS15-054 - Management Console File Format, DoS

• MS15-055 - Schannel, Info Disclosure

Other updates, MSRT, Defender Definitions, Junk Mail Filter

Patch Tuesday

• Windows “Re-Direct To SMB” issue affects all versions

• Patched Tuesday redux 30+ optionals out-of-band

• Windows 10 to kill and bury patch tuesday (for non-pro/business versions)

• "will also be regularly delivering ongoing Windows innovation in addition to security updates."

• Limited 2 month bounty on spartan browser, ends 22 June

oohh Microsoft ?!

• Oracle
  – 14 Apr / 98 fixes

• Adobe
  – APSB15-06 Flash Player (13 CVE)
  – APSB15-09 Flash Player (18 CVE)
  – APSB15-10 Adobe Reader (7 CVE)

• Apple
  – Safari 8.06 / 7.1.6 / 6.2.6 (5 CVE)
  – OSX Server 4.1 (4 CVE)
  – Xcode 6.3 (1 CVE)
  – Apple TV 7.2 (gen3+) (39 CVE)
  – iOS 8.3 (58 CVE)
  – Security Update 2015-004 (77 CVE)

• Cisco
  – Web Security Appliance, Python Parsing issue, Remote Code
  – FireSIGHT, XSS
  – NTP, DoS

• VMware
  – none

• Lenovo
  – System Update, Remote Code
  – Patched via System Update :)

Holes / Patches

• Apple API to root

• RootPipe not really fixed?

• Apple Darwin Nuke

• “No iOS Zone” Reboot Loop

• browser on apple watch

• mac keeper? upgrade to 3.4.1 now

• apple beats reportedly seeking exclusive contracts

• apple bans time apps on watch

• Apple HealthKit follow-up
  – "Apple has put too much onus on developers to provide the right level of security."
  – 1st 24hrs, 11K signup for 1 Stanford study

• Mac Tweaks for Speed

More Rotten Apples

• Hospira LifeCare drug pump flaw

• 35 sat antenna

• GoT episodes leak

• Clock speeds are lies

• Kiosk Break-outs
  – https://www.trustedsec.com/april-2015/kioskpos-breakout-keys-in-windows/

• wifi via LED, Wi-FO

• HSBC mortgage breach

• Match.com non-https logon

• Genome editing is here

• projector fun (InFocus IN3128HD auth bypass)

• ebay xss

• MySQL SSL strip

• Google pass alert

• outta my sandbox kid (single core detection)

• don't audit me brah (rombertik malware)

Hacking

• Trustwave to be bought by Singtel

• Raytheon buys Websense

• Ebay / PayPal split

• TOR Cloud calls it quits

• Intercept Secure Drop Hidden Service

• AlienVault Open Threat Exchange 2.0

• product liability protection

• DropBox Bounty Program

• Return of WikiLeaks submission site - wlupld3ptjvsgwqw.onion

• grooveshark.io

• better bitcoin? (federated Byzantine agreement)

• Surveillance state repeal act

• sendgrid breach

• HardRock payment breach

• Sally popped again

• FB video redirect vuln

Corp

• McConnell and Burr hope to reauthorize sec.215

• Medicare to remove SSN from card

• no-fly reasons now available

• congressional hearing on crypto

• you gps'ed my skimmer

• FBI 3mil "bug" bounty for russian

• Innovation Act back on the table, Introduction of PATENT Act

• 11th circuit overturns privacy ruling

• VA man sues for reader data / LA says we don't have to tell you nee-ner-nee-ner

• NSA phone data illegal

Govt

PCI Card Production Standard update 1.1

PCI 3.1 update

Verizon DBIR

Symantec ISTR

Payment Jury
http://www.slideshare.net/PaymentsInnovationJuryReport/payments-innovation-reportwebfinal-updated200415#14302263978911&fbinitialized

Attacking Smart Homes with Software Defined Radio
https://www.sans.org/reading-room/whitepapers/threats/software-defined-radio-attack-smart-home-systems-35922

nmap "cheat sheet"
http://resources.infosecinstitute.com/nmap-cheat-sheet-5-the-final-view-of-a-ninja-pentester/

Open Smart Grid - Weak Crypto
https://eprint.iacr.org/2015/428
https://threatpost.com/weak-homegrown-crypto-dooms-open-smart-grid-protocol/112680

NFTables
https://www.sans.org/reading-room/whitepapers/firewalls/nftables-second-language-35937

Papers

hack all the planes

Dear Boeing "have you tried turning it off and on again?"
https://s3.amazonaws.com/public-inspection.federalregister.gov/2015-10066.pdf

RAGE QUIT

3d snowden

dirty apple / Bad robot

WTF!?

the dude - network mgt

USBKill - rapid shutdown

netflix fido - IR Toolkit

Splunk app for MHN

MS LAPS - Local Admin Vault

ISWatch - Intel resumes

chip $9 PC

Tools

http://explainshell.com/ - Interactive shellcode parser

Great Cannon Traffic Injection - used against github

Project Maelstrom public beta - bit torrent p2p browser

tor browser update, 4.5

TeslaCrypt cracker

Emet

Wdigest dumping - meterpreter / mimikatz in win 8.1

RSA

InfoSec Southwest 10 – 12 Apr

B-Sides Nashville 11 Apr

InnoTech Dallas 16 Apr

B-Sides OK 18 Apr

B-Sides San Antonio 2 May

Cons Past

Google Grants for women at HITB Amsterdam (May)

BH/DC teaser, Miller / Valasek to hack car wireless

• ThotCon 0x6 14 – 15 May

• PenTest Austin (SANS) 18 – 23 May

• DefCon 23 6 – 9 Aug

• B-Sides DFW TBD

Cons Future

DHA ( 1st Wednesday / Tavern on Main, richardson )

TX2600 ( 1st Fri / Wild Turkey 35&WalnutHill, dallas )

(1st Fri / 1418 Coffeehouse, plano)

The Lab.MS ( 2nd Monday / varies, plano )

Crypto Party ( 3rd Thursday / Improving Enterprises, addison )

NAISG ( 4th Thursday / CrossPointe Theatre, carrollton )

LockPick DFW ( Last Monday / looking for new spot, dallas )

Dallas MakerSpace ( Random / carrollton )

Local

All images scavenged without permission
