previous gnews. 7 patches – 3 critical – 20 cves affected – ie, kernel, visio, silverlight...


Upload: victor-caldwell

Post on 12-Jan-2016


Page 1: PREVIOUS GNEWS. 7 Patches – 3 Critical – 20 CVEs Affected – IE, Kernel, Visio, Silverlight Sarepoint,….. Other updates, MSRT, Defender Definitions, Junk

PREVIOUS GNEWS

Page 2:

• 7 Patches – 3 Critical – 20 CVEs

• Affected – IE, Kernel, Visio, Silverlight, SharePoint, …

• Other updates, MSRT, Defender Definitions, Junk Mail Filter

– MS13-021 – Cumulative Security Update for Internet Explorer, Remote Code

– MS13-022 – Silverlight, Remote Code

– MS13-023 – Microsoft Visio Viewer 2010, Remote Code

– MS13-024 – SharePoint, Privilege Escalation

– MS13-025 – Microsoft OneNote, Info Disclosure

– MS13-026 – Office Outlook for Mac, Info Disclosure

– MS13-027 – Kernel-Mode Drivers, Privilege Escalation

Patch Tuesday

Page 3:

• Oracle, Due April 16

– Out of band Java Patch

• Adobe

– APSA13-02 – Adobe Reader and Acrobat 2 CVEs

– APSB13-07 – Adobe Reader and Acrobat 2 CVEs

– APSB13-08 – Adobe Flash Player 3 CVEs

– APSB13-09 – Adobe Flash Player 4 CVEs

• Apple

– Java for OSX 10.6.8 Update 13 and 14

• Cisco

– Root shell access, multiple products

– Video conferencing, ftp config

– MARS, info disclosure

– Wireless LAN Controllers, DoS

– Unified Communications, multiple vulns

Holes / Patches

Page 4:

• VMware – NFC memory corruption (network file copy)

• ArcSight Logger – Info disclosure, XSS, command inject

• Postgres – DoS

• Wireshark – multiple dissector bugs (crash, loop)

• Nvidia – root access

• SSHD - rootkit

Holes / Hacking

Page 5:

• FB Hacked

• Mac games

• mobile coldboot

• HDMI breakout

• pwnpad

• iphone passcode

• html5 full drive

• cpanel root passwords

• You are all commies – Pirate bay moves to N.Korea

Holes / Hacking

Page 6:

Corp

• Firefox OS

• Tripwire to buy nCircle

• Raytheon data mining

• Bit9 not practicing what they preach ... oops

• HP to use Android

• Buffalo adds Trend Micro to NAS

• Android 4.2.2 kills Nexus LTE

• BitCoins = pizza

• BitCoin ATM

• Bitcoin market up

• PCI for cloud

• Blackberry gives India PIN

• FB target adverts and opt out

Page 7:

• IT Executive Order finally here

• ITIF calls for govt. control of interwebs

• Seattle ordered to dismantle drones

• Ca to buy drones, EFF asks for good privacy policy

• CAS comes to an ISP near you

• Bill requires warrants for email

Legal

Page 8:

• Shortcuts

• http://resources.infosecinstitute.com/allow-me-to-save-you-some-time-some-useful-shortcuts/

• Wireshark 101 

• http://www.wiresharkbook.com/

• Drone use summary

• https://www.eff.org/deeplinks/2013/02/just-how-many-drone-licenses-has-faa-really-issued

Papers

Page 9:

• Nunit 2.6 - .net testing

• Nessus 5.0.3 – vuln scanner

• Nessus now audits palo alto configs

• Wafec – eval criteria

• mobile ips

• IE 10 for win 7

• abine maskme – anti-tracker

• Belkasoft Facebook Profile Saver – (happy stalker)

tools

Page 10:

• Apple App Store turns on HTTPS

WTF

Page 11:

CON Events

Shmoo

RSA

B-Sides San Francisco

CanSecWest 

Page 12:

All images scavenged without permission
