PREVIOUS

GNEWS

• Apr 4 Patches – 2 Critical – 11 CVEs

•

• MS14-017 - Microsoft Word and Office Web Apps, Remote Code

• MS14-018 - Cumulative Security Update for IE, Remote Code

• MS14-019 – Windows File Handling Component, Remote Code

• MS14-020 - Microsoft Publisher, Remote Code

• Bye-Bye XP

Other updates, MSRT, Defender Definitions, Junk Mail Filter

Patch Tuesday

• Oracle, Due out 15 Apr

• Adobe– APSB14-09 – Flash Player

• Apple, – Safar 6.1.3 / 7.0

• Cisco– ASA, Multiple Vulns– Cisco ONS 15454 Controller Card, Multiple DoS– Emergency Responder, Multiple Vulns– IOS, Multiple Vulns

Holes / Patches

• HeartBleed– Openssl 1.0.1 – 1.0.1f and 1.0.2-beta

– Android 4.1.0 – 4.1.1

• Tesla S– 6 character passwd via phone

• MS Word 0-day

Random

• TrustWave sued in Target Breach

• US to give up ICANN oversight

• California under fire (again) for StingRay femtocells

Corp

DNS RPZ for Malware Defensehttps://www.sans.org/reading-room/whitepapers/dns/implementation-dns-rpz-malware-phishing-defence-34535

Symantec Internet Security Threat Reporthttp://www.symantec.com/connect/blogs/2013-internet-security-threat-report-year-mega-data-breach

Malware Sandboxinghttp://blogs.technet.com/b/mmpc/archive/2014/03/31/creating-an-intelligent-sandbox-for-coordinated-malware-

eradication.aspx

  

Papers

Persisent Mint on USB

Arduino Projects

Tools

• SanSecWest Pwn2Own• 35 vulns

• B-Sides Austin – Mar• Windows Logging Workshop

• Veil Framework• Lots of SCADA

• InfoSec SouthWest – Apr

• B-Sides San Antonio – May• B-Sides New Orleans - May

• Hope X - Jul

• Defcon – Aug

• ToorCon - Oct

• B-Sides DFW – Nov

Cons

TX2600( 1st Fri / Wild Turkey 35&WalnutHill )

( ? Plano)

NAISG( 4th Thursday / CrossPointe )

DHA( 1st Wednesday / Allen Wicker Pub )

Crypto Party( 3rd Thursday / Improvin Enterprises )

LockPick DFW( 1st Monday / Trinity Hall )

The Lab.MS( 2nd Monday / Allen Wicker Pub )

Dallas MakerSpace

Local

All images scavenged without permission

All images scavenged without permission