Upload
bernard-ward
View
213
Download
0
Embed Size (px)
Citation preview
PREVIOUS GNEWS
• 7 Patches – 1 Critical
• Affecting server builds and powerpoint
Other updates, MSRT, Defender Definitions, Junk Mail Filter
– MS12-001 Windows Kernel,Security Feature Bypass– MS12-002 Windows Object Packager, Remote Code Execution – MS12-003 Windows Client/Server Run-time Subsystem, Elevation of Privilege– MS12-004 Windows Media, Remote Code Execution – MS12-005 Microsoft Windows, Remote Code Execution – MS12-006 SSL/TLS, Information Disclosure – MS12-007 AntiXSS Library, Information Disclosure
Patch Tuesday
• Oracle Patches , Due out 17 Jan
• Adobe, 1 patch– APSB11-30 Adobe Reader and Acrobat– APSB12-01 Adobe Reader and Acrobat
• Apple,– iTunes 10.5.1 (nov)– iOS 5.0.1 (nov)
• Cisco– Cisco WebEx Player Recording File Processing Arbitrary
Code Execution Vulnerability
• OpenSSL
Holes / Patches
• Stratfor– 200 gb of data
• Lilupophilupop– Sql inject 100+ websites
• Still more anonymous
• Symantec source code– down played due to “old” versions– Lords of Dharmaraja (praised as new and improved anonymous)
• Shodan used for scada dorks– http://www.shodanhq.com/search?q=simatic+HMI
• High Gear shuts down, cars stolen
• Smart Meter allows modification of usage
Hacking
• Shodan used for scada dorks– http://www.shodanhq.com/search?q=simatic+HMI
• High Gear shuts down, cars stolen
• Japan creates whitehat virus– But can they use it?
• iOS 5 jailbreak
• Apple iOS apps ported to AppleTV
• Hackers building their own satellite
• Ramnit Worm and more……
Hacking
• Oracle buys DB FW firm
• Diebold to virtualize ATMs
• Window 8– Password vault– New non-alpha-numeric password system
• French President called out of illegal downloads
Corp.
Apple powercord password recovery patent
or if you built your gear with usb ports you could use a keyfob
LegalSOPA – the new badness
GoDaddy boycott
Support – nbc universal, pfizer, ford, nba…
Opposed – google, yahoo, facebook, twitter, aol, ebay…
yes there are new tools….. somewhere
Updates
CON Events28C3
All images scavenged without permission
All images scavenged without permission