PREVIOUS GNEWS - PowerPoint PPT Presentation

1 / 14
About This Presentation
Title:

PREVIOUS GNEWS

Description:

7 Patches x bugs addressed. Affecting Word, Outlook, Publisher, Jet DB Engine, IE, Windows. Other updates, MSRT, Defender Definitions, Junk Mail Filter ... – PowerPoint PPT presentation

Number of Views:101
Avg rating:3.0/5.0
Slides: 15
Provided by: dc214D
Category:

less

Transcript and Presenter's Notes

Title: PREVIOUS GNEWS


1
PREVIOUS GNEWS
2
  • 7 Patches x bugs addressed
  • Affecting Word, Outlook, Publisher, Jet DB
    Engine, IE, Windows
  • Other updates, MSRT, Defender Definitions, Junk
    Mail Filter
  • 8 Security Patches - 5 Critical, 1 Moderate
  • MS08-030 Bluetooth Stack - Remote Code
    Execution
  • MS08-031 IE Cumulative Security Update
  • MS08-032 ActiveX Kill Bits Cumulative Security
    Update
  • MS08-033 DirectX - Remote Code Execution
  • MS08-034 WINS - Elevation of Privilege
  • MS08-035 Active Directory - Denial of Service
  • MS08-036 Pragmatic General Multicast (PGM) -
    Denial of Service
  • re-released MS06-078 and MS07-068 with a
    detection only change

3
Holes / Patches
  • Apple 2008-003
  • Apple QuickTime 7.5
  • Apple Safari on Windows
  • Apple iCal
  • Apple iPhone 2
  • snort ip fragment reassembly / ttl evasion
  • openssl tls vulns, server_name set to 0x00 in
    handshake
  • Samba, boundary error in "receive_smb_raw()"
  • Adobe Flash 9 0-day
  • OpenOffice, integer overflow in
    "rtl_allocateMemory()"
  • Sun Java Active Server Pages, Multiple Vulns

4
Hacking
  • Sample Code in RFC 3414 (snmp) contains overflow
  • rustock.c, russian rootkit, undetected record of
    1.5 years
  • Cisco Router Rootkit? Sebastian Muniz - EuSecWest
  • New JavaScript engine, Squirrelfish
  • OSWA Organizational Wireless System Auditor,
    Live CD

5
Corp. Hell
  • L-1 Identity Solutions Inc. to produce RFID
    Passport Card
  • Todd Davis gets sued
  • Comcast invests in GridNetworks (a P2P start-up)
  • Comcast web and email hacked, Defiant and EBK
  • Dave Busters, Packet sniifers on PoS terminals
  • Barracuda offers buyout of SourceFire, SF rejects
  • Nvidia enters mobile processor market
  • Tumbleweed bought by Sopra Group (french)
  • Canada charges Facebook with privacy infringement
  • Explosion at The Planet houston data center

6
Papers
  • Apple Security Guide for OS X 1.5 Leopard
  • NIST IT Security Configuration Scoring (call for
    input)

7
Film / Music
  • NBC turns on Broadcast Flag
  • Staples to sell 5 flexplay divx DVDs

8
WTF
  • UK calls for a total phone usage database
  • Launch of Google Health
  • California man makes 50k opening accounts,
    arrested
  • TSA ID rule change, refuse id check, get banned

9
Legal
  • MySpace suicide case, poses rocky precedence
  • Anti-Counterfeiting Trade Agreement, ACTA
  • Pirate-bay Killer?
  • GPLv3 gets more legal attention
  • Proprietary software / patents

10
Updates
  • Ulteo Virtual Desktop, Linux virtualization on
    Windows
  • blender 2.46, 3d animation
  • rtpBreak 1.3a, rtp sniffer
  • xprobe 2
  • WebKnight, mod_security for IIS
  • Nessus 3.2.1, does not work with freebsd 6
  • technet opened to community contributions
  • Snort 2.8.2
  • maltego videos
  • openssl 0.9.8h
  • kismet 2008-05-R1
  • opera 9.5 promises built-in malware protection
  • Axban, ActiveX Killbit tool

11
CON Events
  • Completed Cons
  • Layerone, 17 18 May / Pasadena CA
  • DallasCon 2008, TBD / Dallas , TX
  • AusCERT 2008, 18 - 23 May / Gold Coast AU
  • EuSecWest, 28 May London UK

12
CON Results
  • EuSecWest Hardware Flashing
  • EuSecWest Cisco RootKit
  • BlackHat Preview and Webcast

13
CON Events
  • Future Cons
  • HOPE 7, 18 - 20 July / New York NY
  • USENIX 17th Security Symposium, 28 July - 1 Aug /
    San Jose CA
  • REcon 2008, 13 15 June / Montreal CA
  • Black Hat USA, 2 - 7 Aug / Las Vegas NV
  • DefCon, 8 - 10 August / Las Vegas NV
  • Chaos Communications Camp, TBD / Berlin

14
All images scavenged without permission
All images scavenged without permission
Write a Comment
User Comments (0)
About PowerShow.com