PREVIOUS GNEWS
Patch
•
Feb – ? Patches – ? Critical – ? CVEs
Tuesday
Holes / Patches
•
•
Oracle
– VMSA-2017-0001 ( 1 CVE)
– 270 Fixes
•
•
•
17 Java
27 MySql
•
•
Adobe
Apple
–
–
–
–
–
–
–
–
–
Logic Proc X 10.3 ( 1 CVE)
GarageBande 10.1.5 ( 1 CVE)
watchOS 3.1.3 ( 34 CVE)
tvOS 10.1.1 ( 12 CVE)
iOS 10.2.1 ( 18 CVE)
macOS Sierra 10.12.3 ( 11 CVE)
iCloud for Windows 6.1.1 ( 4 CVE)
Safari 10.0.3 ( 12 CVE)
iTunes 12.5.5 for Windows ( 4 CVE)
Airwatch
Android
– Too Soon
– APSB17-03 Acrobat Extension for Chrome
( 1 CVE)
•
•
VMWare
Docker Escape
•
CryptKeeper Default Password
•
Wordpress 4.7 REST API
•
SMB 0-day
– DoS
•
Jabbim Jabber server hack
•
Gaming forums hacked
•
Shadow Brokers quit, leave utilities to the public
•
xmeye.net DVR passwords
•
Tax season scams
•
Ripper.cc
•
Dridex now bypasses UAC
•
Win drm + tor = bad
•
rise of printer vulns redux
Hacking
•
•
Cellbrite popped
Cellbrite reusing jailbreak code?
•
BackPage shutters adult ads
•
MS buys Maluuba (AI)
•
HP buys Niara (BA)
•
ProtonMail hidden service
–
•
https://protonirockerxow.onion
Lavabit is back
–
https://lavabit.com
•
Symantec CA woes
•
Google CA
•
Vinyl upgrade
•
Facebook delegated password recovery
•
Honeywell SCADA clear-text password
•
Intercontinental Hotel breach
Corp
•
Chelsea manning commuted
•
US backs out of TPP (but prolly not for "our" reasons)
•
Executive order aids NSA spying
•
Rash of proposed protest laws
•
NSL "Rules"
•
CIA doc db goes live
•
MAPFRE Life Insurance 2.2 mil HIPAA fine
•
Children’s 3.2 mil HIPAA fine
•
Army bug bounty 118 flaws 100,000
•
Cockrell Hill evidence lost to ransomware
Govt
•
Hacking Slot Machines
•
Ikea launches smart bulb (zigbee)
•
PoS Malware is 93% dead
•
Mac Malware steals keychain creds
•
St Jude patches additional device
•
Vizio fine 2.2 mil in tracking case
Random
‘Coded’ Documentary
http://www.freethinkmedia.com/shows/coded/
NIST Cybersecurity Framework revisions
https://www.nist.gov/cyberframework/draft-version-11
https://research.csiro.au/ng/wp-content/uploads/sites/106/2016/08/paper-1.pdf
Papers
Analysis of Android VPN Apps
x
WTF
NetCease
power shell script for Windows Configuration
SAMRi10
power shell script for Windows Configuration
TCHunt
enumerate encrypted files
Fortress VM (DC416)
CTF
WaveConverter
RF analysis
Tools
CanSecWest 15-17 Mar
Hou.Sec.Con 7.0 23 Mar
BSides Austin
SANS PenTest Austin 27 Mar-01 Apr
Women in Cybersecurity 31 Mar-01 Apr
InfoSec Southwest 07-08 Apr
BSides Nashville 22 Apr
DHA @Dallas_Hackers
(
1st
Wednesday / Family Karaoke, Dallas )
TX2600 @dallas2600
(
1st
Fri / Wild Turkey 35&WalnutHill, Dallas )
The Lab.MS @TheLab_ms
(
2nd
Saturday + random events / TheLab.ms, Plano )
ISSA Fort Worth @ISSAFortWorth
( 2nd Tuesday / location varies )
Fort Worth Crypto Party
( 2nd Tuesday / The Maker Spot, N. Richland Hills )
OWASP Dallas @OWASPDallas
( 3rd Tuesday / location varies )
Crypto Party DFW @CryptoPartyDFW
( 3rd Thursday / TheLab.ms, Plano )
North Texas Cyber Security Group @ntxcsg
( Last Thursday, Jakes, Frisco )
Dallas MakerSpace @dallasmakers
( Random events / Carrollton )
Hack Ft Worth @Hack_FtW
( 3rd-ish Tuesday / Buffalo West, Fort Worth)
Lock Pick DFW @LockPickDFW
( Last Monday/ Sherlocks Arlington )
All images scavenged without permission
All images scavenged without permission