Download - PREVIOUS GNEWS
![Page 1: PREVIOUS GNEWS](https://reader035.vdocuments.us/reader035/viewer/2022062518/5681443f550346895db0dbeb/html5/thumbnails/1.jpg)
PREVIOUS GNEWS
![Page 2: PREVIOUS GNEWS](https://reader035.vdocuments.us/reader035/viewer/2022062518/5681443f550346895db0dbeb/html5/thumbnails/2.jpg)
• 2 Patches – 0 Critical – 2 CVEs
• Affected –
Other updates, MSRT, Defender Definitions, Junk Mail Filter
– MS12-052 - 060 – 5 critical, 8 remote code execution, 26 CVEs, rdp, visio, exchange, kernal and more
– MS12-061 - Visual Studio Team Foundation Server, Elevation of Privilege– MS12-062 - System Center Configuration Manager, Elevation of Privilege
Patch Tuesday
![Page 3: PREVIOUS GNEWS](https://reader035.vdocuments.us/reader035/viewer/2022062518/5681443f550346895db0dbeb/html5/thumbnails/3.jpg)
• Oracle out of band patch
• Adobe– APSB12-16 Adobe Reader and Acrobat
• Apple,– Apple Remote Desktop 3.6.1– Java for OSX– iTunes 10.7
• Cisco– ASA CX / PRSM log DoS– Unified Presence / Jabber DoS– AnyConnect, code execution– IOS Authentication, DoS
Holes / Patches
![Page 4: PREVIOUS GNEWS](https://reader035.vdocuments.us/reader035/viewer/2022062518/5681443f550346895db0dbeb/html5/thumbnails/4.jpg)
• Java now with mac updates
• Norton online backup, allowed viewing other user data
• Apple remote desktop, now with encryption
• VMWare, opensource components update
Holes
![Page 5: PREVIOUS GNEWS](https://reader035.vdocuments.us/reader035/viewer/2022062518/5681443f550346895db0dbeb/html5/thumbnails/5.jpg)
• Kill Switch found in dirt jumper kill DDoS tool
• kaspersky call to assist in gauss crack
• Gauss the new stuxnet
• blue prize tool is already bypassed, ropguard
• Anti-Leaks DDoS on WikiLeaks
• Tilon malware, avoids detection
• Pwnium2, Google offers up 2mil in bounties
• Shamoon
• SANS summary of SCADA authentication issues
• Crisis now for windows :P
• More password foo
Hacking
![Page 6: PREVIOUS GNEWS](https://reader035.vdocuments.us/reader035/viewer/2022062518/5681443f550346895db0dbeb/html5/thumbnails/6.jpg)
• Bored hackerspace digs up 25yr old Mac Easter Egg
• Stripes CTF 2.0, online week long CTF
• Google Chrome for iOS incognito mode, stores passwords
• More SSL attacks from house of Beast
• FBI colludes with BlueToad and Anonymous to brute force 22 million andriod UUIDs for iphone
Hacking
![Page 7: PREVIOUS GNEWS](https://reader035.vdocuments.us/reader035/viewer/2022062518/5681443f550346895db0dbeb/html5/thumbnails/7.jpg)
• google buys virus total
• IE 10 to reject certs <1024 bit
• digia buys qt
• ios encrypt impossible to crack (by nsa standards)
• trap wire???
• Google weights search results based on DMCA notices
• Facebook app verification
• FTC jumps in
• IE defaults with do not track
• gapping flaw alows bypass
Corp
![Page 8: PREVIOUS GNEWS](https://reader035.vdocuments.us/reader035/viewer/2022062518/5681443f550346895db0dbeb/html5/thumbnails/8.jpg)
• New batteries reduce charge time to minutes
• AMD loses 30Kbs to hackers
• dell buys sonicwall
• NIST BIOS RFC
• cyber war defined? (air force thinks so)
• bitcoin ponzi totaling 56mil
Corp
![Page 9: PREVIOUS GNEWS](https://reader035.vdocuments.us/reader035/viewer/2022062518/5681443f550346895db0dbeb/html5/thumbnails/9.jpg)
• bitcoinia suit
• piratebay again
• expansion of child data protection – (operator / website definitions and advertising)
• location data is not private
• Fed backdoors??
• FB face recognition illegal in Germany
• Kim can see data
• TPP - Trans-Pacific Partnership Agreement Intellectual Property Chapter (SOPA/PIPA redux)
sniffing wifi not wiretapping
Legal
![Page 10: PREVIOUS GNEWS](https://reader035.vdocuments.us/reader035/viewer/2022062518/5681443f550346895db0dbeb/html5/thumbnails/10.jpg)
Backtrack 5r3
mac fde
java leak finder
solarwinds
nixle
mobilescope
outlook.com
dropbox two factor
urlshorteners
tools
![Page 11: PREVIOUS GNEWS](https://reader035.vdocuments.us/reader035/viewer/2022062518/5681443f550346895db0dbeb/html5/thumbnails/11.jpg)
Papers• byodtoolkit
http://www.cio.gov/byod-toolkit.pdf
Snort install guide for freebsdhttp://blog.snort.org/2012/08/snort-2931-installation-guide-for.html?utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+Snort+%28Snort%29
dhs critical infra attackshttp://www.simplysecurity.com/2012/08/28/dhs-report-confirms-spike-in-critical-infrastructure-cyberattacks/https://www.us-cert.gov/control_systems/pdf/ICS-CERT_Incident_Response_Summary_Report_09_11.pdf
UTD frankenstienhttp://www.dfinews.com/news/frankenstein-programmers-test-cybersecurity-monsterhttps://www.usenix.org/conference/woot12/frankenstein-stitching-malware-benign-binaries
NIST patching drafthttp://csrc.nist.gov/publications/drafts/800-40/draft-sp800-40rev3.pdf
![Page 12: PREVIOUS GNEWS](https://reader035.vdocuments.us/reader035/viewer/2022062518/5681443f550346895db0dbeb/html5/thumbnails/12.jpg)
WTF• Face deals app
• Defender in Win8 molests hosts files
• IAC buys about.com
• Warrants, what for
• secure boot flips, bans windows
![Page 13: PREVIOUS GNEWS](https://reader035.vdocuments.us/reader035/viewer/2022062518/5681443f550346895db0dbeb/html5/thumbnails/13.jpg)
CON Eventsburning man Aug 27 - sep 3
www.burningman.com/
defconvidshttp://it.toolbox.com/blogs/securitymonkey/chiefs-picks-videos-from-blackhat-briefings-usa-2012-52774?rss=1
hacker dojohttp://news.hitb.org/content/googles-backyard-hackers-face-eviction
![Page 14: PREVIOUS GNEWS](https://reader035.vdocuments.us/reader035/viewer/2022062518/5681443f550346895db0dbeb/html5/thumbnails/14.jpg)
All images scavenged without permission
All images scavenged without permission