PREVIOUS GNEWS

1
PREVIOUS GNEWS
2

• 7 Patches x bugs addressed
• Affecting Word, Outlook, Publisher, Jet DB
  Engine, IE, Windows
• Other updates, MSRT, Defender Definitions, Junk
  Mail Filter

• 8 Security Patches - 5 Critical, 1 Moderate
• MS08-030 Bluetooth Stack - Remote Code
  Execution
• MS08-031 IE Cumulative Security Update
• MS08-032 ActiveX Kill Bits Cumulative Security
  Update
• MS08-033 DirectX - Remote Code Execution
• MS08-034 WINS - Elevation of Privilege
• MS08-035 Active Directory - Denial of Service
• MS08-036 Pragmatic General Multicast (PGM) -
  Denial of Service
• re-released MS06-078 and MS07-068 with a
  detection only change

3
Holes / Patches

• Apple 2008-003
• Apple QuickTime 7.5
• Apple Safari on Windows
• Apple iCal
• Apple iPhone 2
• snort ip fragment reassembly / ttl evasion
• openssl tls vulns, server_name set to 0x00 in
  handshake
• Samba, boundary error in "receive_smb_raw()"
• Adobe Flash 9 0-day
• OpenOffice, integer overflow in
  "rtl_allocateMemory()"
• Sun Java Active Server Pages, Multiple Vulns

4
Hacking

• Sample Code in RFC 3414 (snmp) contains overflow
• rustock.c, russian rootkit, undetected record of
  1.5 years
• Cisco Router Rootkit? Sebastian Muniz - EuSecWest
• New JavaScript engine, Squirrelfish
• OSWA Organizational Wireless System Auditor,
  Live CD

5
Corp. Hell

• L-1 Identity Solutions Inc. to produce RFID
  Passport Card
• Todd Davis gets sued
• Comcast invests in GridNetworks (a P2P start-up)
• Comcast web and email hacked, Defiant and EBK
• Dave Busters, Packet sniifers on PoS terminals
• Barracuda offers buyout of SourceFire, SF rejects
• Nvidia enters mobile processor market
• Tumbleweed bought by Sopra Group (french)
• Canada charges Facebook with privacy infringement
• Explosion at The Planet houston data center

6
Papers

• Apple Security Guide for OS X 1.5 Leopard
• NIST IT Security Configuration Scoring (call for
  input)

7
Film / Music

• NBC turns on Broadcast Flag
• Staples to sell 5 flexplay divx DVDs

8
WTF

• UK calls for a total phone usage database
• Launch of Google Health
• California man makes 50k opening accounts,
  arrested
• TSA ID rule change, refuse id check, get banned

9
Legal

• MySpace suicide case, poses rocky precedence
• Anti-Counterfeiting Trade Agreement, ACTA
• Pirate-bay Killer?
• GPLv3 gets more legal attention
• Proprietary software / patents

10
Updates

• Ulteo Virtual Desktop, Linux virtualization on
  Windows
• blender 2.46, 3d animation
• rtpBreak 1.3a, rtp sniffer
• xprobe 2
• WebKnight, mod_security for IIS
• Nessus 3.2.1, does not work with freebsd 6
• technet opened to community contributions
• Snort 2.8.2
• maltego videos
• openssl 0.9.8h
• kismet 2008-05-R1
• opera 9.5 promises built-in malware protection
• Axban, ActiveX Killbit tool

11
CON Events

• Completed Cons
• Layerone, 17 18 May / Pasadena CA
• DallasCon 2008, TBD / Dallas , TX
• AusCERT 2008, 18 - 23 May / Gold Coast AU
• EuSecWest, 28 May London UK

12
CON Results

• EuSecWest Hardware Flashing
• EuSecWest Cisco RootKit
• BlackHat Preview and Webcast

13
CON Events

• Future Cons
• HOPE 7, 18 - 20 July / New York NY
• USENIX 17th Security Symposium, 28 July - 1 Aug /
  San Jose CA
• REcon 2008, 13 15 June / Montreal CA
• Black Hat USA, 2 - 7 Aug / Las Vegas NV
• DefCon, 8 - 10 August / Las Vegas NV
• Chaos Communications Camp, TBD / Berlin

14
All images scavenged without permission
All images scavenged without permission