gnews previous. feb - 14 patches – 5 critical - 45 cves ms15-018 - cumulative security update for...

GNEWS PREVIOUS

Upload: darrell-hampton

Post on 15-Jan-2016


Page 1: GNEWS PREVIOUS. Feb - 14 Patches – 5 Critical - 45 CVEs MS15-018 - Cumulative Security Update for IE MS15-019 - VBScript Scripting, Remote Code MS15-020

GNEWS

PREVIOUS


• Feb - 14 Patches – 5 Critical - 45 CVEs

• MS15-018 - Cumulative Security Update for IE

• MS15-019 - VBScript Scripting, Remote Code

• MS15-020 - Microsoft Windows, Remote Code

• MS15-021 - Adobe Font Driver, Remote Code

• MS15-022 - Microsoft Office, Remote Code

• MS15-023 - Kernel-Mode Driver, Privilege Escalation

• MS15-024 - PNG Processing, InfoDisclosure

• MS15-025 - Windows Kernel, Privilege Escalation

• MS15-026 - Microsoft Exchange Server, Privilege Escalation

• MS15-027 - NETLOGON, Spoofing

• MS15-028 - Windows Task Scheduler, Security Bypass

• MS15-029 - Windows Photo Decoder Component, Info Disclosure

• MS15-030 - Remote Desktop Protocol, DoS

• MS15-031 - Schannel, Security Bypass (FREAK)

Other updates, MSRT, Defender Definitions, Junk Mail Filter

Patch Tuesday


• Oracle
– Due in Apr

• Adobe
– 0 – All Secure Here

• Apple
– iOS 8.2
– Apple TV 7.1
– Security Update 2015-002 (FREAK)
– Xcode 6.2

• Cisco
– IOS AAA Auth Bypass
– IPV6 DoS (NCS600 / CRS-X)
– ASA challenge/response bypass
– TelePresence Multi-Vuln
– Web Security Appliance Multi-Vuln

• VMware
– 0 – All Secure Here

• SAMBA
– CVE-2015-0240, Remote Code

• GnuPG
– Multi-Vuln, DoS / Remote Code

Holes / Patches


• TrueCrypt Audit

• TLS Audit

• Netgear router, no auth needed

• SOHO routers share common key

• Seagate NAS

• Google Play Store

• Mongo DB

• Encryption to stymie reversing via Translation Lookaside Buffer

• RAMNIT takedown

• 'The Equation Group' HD firmware hack

• partial leak of RIG exploit kit

• spying via power

• All your FB Photo are belong to dev null

• Samsung voice data still unencrypted

Hacking


• Blu-Ray PowerDVD Java badness

• iPay, hindered by lax banking authentication

• Freak

• RowHammer

Hacking


• Uber lost and found loses data

• Uber driver data breach

• Mozilla to force add-on signing

• Apple brings two-step verification to FaceTime

• Lenovo pre-installed MITM adware, Superfish
– Lenovo says NAH, later backpedals like a champ
– Mozilla pulls Cert

• BUT WAIT THERE IS MORE!!!

• PrivDog / Comodo

• FB Threat Exchange

• FB Real Name Policy (sister-in-law can't use her name)

• MC Security Enhancements
– facial and fingerprint (where is this data stored / give what to get what?)

• Google Caves to pressure, relaxing 90 day rule

• MS Win10 and FIDO

• Google Wallet looking for revival with SoftCard

• Samsung Acquires Loopay

CORP


• Taiga Systems super-secure phone from Russia

• Kaymera 360 (blackphone competitor)

• Nvidia to remove overclocking block

• Fedex and UPS self regulating tool delivery

• Twitter reporting update

• PayPal acquires Paydiant

• HP acquires Aruba

• EA ditches SIMS

• Google drops the lollipop

• TextSecure is no longer secure text

Corp


• GCHQ/NSA Gemalto hack
– Gemalto gives no fuks
– Gemalto drops findings statement

– "Very impressive, Gemalto had no idea of any attacks in 2010, one week ago. Now they know exactly what happened..." --Matt Suiche

• FAA Drone rules revamp

• Net Neutrality Win

• Ecuador Coin

• StingRays can disrupt normal services
– http://www.wired.com/wp-content/uploads/2015/02/Stingray-pen-register-order-and-application.pdf

• List of National CIRTs
– http://www.secur

• DHS 7 day bailout

• NZ requesting mandatory passwd disclosure

• NSLs cause they are "different" now. (3 yr expire)

• we all have jobs, Yay!
– Pentagon hiring hackers

• Kenya Rocks

Govt


win phone forensics
https://www.sans.org/reading-room/whitepapers/forensics/windows-phone-8-forensic-artifacts-35787

warchalk redux
http://www.wired.com/2015/02/field-guide-internet-infrastructure-hides-plain-sight/

Recon with no permission (not recommended)
http://resources.infosecinstitute.com/owasp-zap-reconnaissance-without-permission/

FB policies
https://www.eff.org/deeplinks/2015/02/new-report-shows-european-data-protection-authorities-are-taking-facebooks
http://www.law.kuleuven.be/icri/en/news/item/icri-cir-advises-belgian-privacy-commission-in-facebook-investigation
http://www.law.kuleuven.be/icri/en/news/item/facebooks-revised-policies-and-terms-v1-1.pdf

Schneier "Surreptitiously Weakening Cryptographic Systems"
https://www.schneier.com/blog/archives/2015/02/surreptitiously_1.html

Air Traffic Control Report
http://www.gao.gov/assets/670/668169.pdf

PowerCat (netcat for PowerShell)
https://www.sans.org/reading-room/whitepapers/testing/powercat-proof-of-concept-powershell-netcat-35807

Papers


BurningMan Tickets Hacked

WTF!?


HTTP/2 approved

SET 6.2

Android Emulation

Tools


• Kaspersky Security Analyst Summit

• Google drops Pwnium contest at con, makes it all year event.

• Source Boston CFP

Cons Past


• B-Sides Austin 12 – 13 Mar

• CanSecWest 18 - 20 Mar

• InfoSec Southwest 10 – 12 Apr

• B-Sides Nashville 11 Apr

• B-Sides San Antonio ? May

• ThotCon 0x6 14 – 15 May

• PenTest Austin (SANS) 18 – 23 May

• DefCon 23 6 – 9 Aug

Cons Future


DHA (1st Wednesday / Tavern on Main, Richardson)

TX2600 (1st Fri / Wild Turkey 35 & Walnut Hill, Dallas)

(1st Fri / 1418 Coffeehouse, Plano)

The Lab.MS (2nd Monday / varies, Plano)

Crypto Party (3rd Thursday / Improving Enterprises, Addison)

NAISG (4th Thursday / CrossPointe Theatre, Carrollton)

LockPick DFW (Last Monday / looking for new spot, Dallas)

Dallas MakerSpace (Random / Carrollton)

Local


All images scavenged without permission
