PREVIOUS GNEWS. 6 Patches – 1 Critical – 22 CVEs Affected – IE. Kernel, Print, Office MS13-047...
-
Upload
crystal-mathews -
Category
Documents
-
view
217 -
download
0
Transcript of PREVIOUS GNEWS. 6 Patches – 1 Critical – 22 CVEs Affected – IE. Kernel, Print, Office MS13-047...
PREVIOUS GNEWS
• 6 Patches – 1 Critical – 22 CVEs
• Affected – IE. Kernel, Print, Office
• MS13-047 - Cumulative Security Update for Internet Explorer
• MS13-048 - Windows Kernel, Info Disclosure
• MS13-049 - Kernel-Mode Driver, DoS
• MS13-050 - Windows Print Spooler Components, Privilege Escalation
• MS13-051 - Microsoft Office, Remote Code
Other updates, MSRT, Defender Definitions, Junk Mail Filter
Patch Tuesday
• Oracle, due out 16 July 2013
• Adobe– APSA13-03 - ColdFusion– APSB13-13 - ColdFusion– APSB13-14 – Flash Player– APSB13-15 – Reader and Acrobat– APSB13-16 – Flash Player
• Apple,– Safari 6.0.5– Security Updates 2013-02– QuickTime 7.7.4– iTunes 11.0.3 (41 fixes)
• Cisco– Cisco Nexus 1000V VSM/VEM, Multiple Vulns– IOS, Multiple DoS– WebEx, Info Disclosure
Holes / Patches
• IE fix-it tools for MS13-038
• Hacking the power (usb chargers)
• Hacking Cannons
Holes / Patches
• Some iphones auto connect to APs labeled attwifi– Oh but wait there are reports of this back to ios5
Hacking
• MS snooping skype URLs
• Pentagon certifies iOS for govt use
• Websense goes private
• Google gets stupid with hangouts
• verizon fios unlimited plan has limit, 77TB/mo
• paypal undisclosed age limit
• NSA and data
• SSL Providers requiring 2048bit certs
Corp
• French repeal 3 strikes law?
Legal
Papers• DB logging and security• https://www.sans.org/reading_room/whitepapers/application/setting-database-security-logging-monitoring-
program_34222
• GOOGLE CAMP (content agnostic malware protection)• https://www.cs.jhu.edu/~moheeb/aburajab-ndss-13.pdf
• http://www.darkreading.com/monitoring/google-uses-reputation-to-detect-malicio/240152413
• hey guys i'm looking at porn over here (on-line adult industry)• http://honeyblog.org/junkyard/paper/adultSites-weis2010.pdf
• HITB Magazine issue 009• http://magazine.hitb.org/
• Hacker5 Magazine• http://www.hackers5.com/free-issue
RasPi pentestinghttp://resources.infosecinstitute.com/pentesting-distributions-and-installer-kits-for-your-raspberry-pi
Alternative Tools for Linuxhttp://www.tecmint.com/windows-alternatives-for-linux/
FireFox OS
D
tools
CON Events
All images scavenged without permission
All images scavenged without permission