1. PREVIOUS GNEWS

2. 7 Patches – 3 Critical – 23 CVEs Affected – RDP, IE, Lync, Windows Other updates, MSRT, Defender Definitions, Junk Mail Filter –MS12-036 Remote Desktop, Remote Code Execution –MS12-037 Cumulative Security Update for Internet Explorer –MS12-038.NET Framework, Remote Code Execution –MS12-039 Lync, Remote Code Execution –MS12-040 Microsoft Dynamics AX Enterprise Portal, Remote Code Execution –MS12-041 Windows Kernel-Mode Drivers, Elevation of Privilege –MS12-042 Windows Kernel, Elevation of Privilege Patch Tuesday

3. Oracle, due out 17 July Adobe –APSB12-14 Hotfix for ColdFusion 9.01 and older –APSB12-15 Adobe Flash Player Apple, –FlashBack Removal Update –Leopard Security Update 2012-003 –QuickTime 7.7.2 –iTunes 10.6.3 –Java Update Cisco –ASA 5500 information disclousure –Small Business Devices XSS / Meeting Place Login XSS –IOS XR DoS Holes / Patches

4. mobile maleware genome project MS out of band path certs/flame flame and stuxnet link? –Kaspersky confirms mysql auth bypass Hacking

5. disa to pilot DoD mobile network –unclass and class nets Nytimes claims stuxnet was us based Linkedin iOS app siphons data Linkedin password breach google to notify dnschanger victims apple filters word jailbreak Corp

6. Papers secure aws http://www.infosecwriters.com/texts.php?op=display&id=662 max benefit from pentest http://www.infosecwriters.com/texts.php?op=display&id=661 fbi bitcoin http://www.wired.com/images_blogs/threatlevel/2012/05/Bitcoin-FBI.pdf Common vuln reporting framework http://www.icasi.org/cvrf-1.1 bitcoin http://news.hitb.org/content/bitcoins-worth-87000-plundered-brazen-server-breach Robots https://www.sans.org/reading_room/whitepapers/awareness/robotstxt_33955 dangerous http methods https://www.sans.org/reading_room/whitepapers/testing/penetration-testing-web-application- dangerous-http-methods_33945 risk assessment for social media https://www.sans.org/reading_room/whitepapers/privacy/risk- assessment-social-media_33940 NIST Cloud Guidance http://csrc.nist.gov/publications/PubsSPs.html#800-146 http://www.nist.gov/manuscript-publication- search.cfm?pub_id=911075 ios5 security [1] http://images.apple.com/ipad/business/docs/iOS_Security_May 12.pdf [2] http://www.nsa.gov/ia/mitigation_guidance/security_configurati on_guides/operating_systems.shtml biomed devices http://www.secure-medicine.org/icd-study/icd-study.pdf covert channels on social net https://www.sans.org/reading_room/whitepapers/engineering/cove rt-channels-social-networks_33960 imperva anonymous http://www.imperva.com/docs/HII_The_Anatomy_of_an_Anonymo us_Attack.pdf

7. Papers risk assessment for social media https://www.sans.org/reading_room/whitepapers/privacy/risk-assessment-social-media_33940 NIST Cloud Guidance http://csrc.nist.gov/publications/PubsSPs.html#800-146 http://www.nist.gov/manuscript-publication-search.cfm?pub_id=911075 ios5 security http://images.apple.com/ipad/business/docs/iOS_Security_May12.pdf http://www.nsa.gov/ia/mitigation_guidance/security_configuration_guides/operating_systems.s html biomed devices http://www.secure-medicine.org/icd-study/icd-study.pdf covert channels on social net https://www.sans.org/reading_room/whitepapers/engineering/covert-channels-social- networks_33960 imperva on anonymous http://www.imperva.com/docs/HII_The_Anatomy_of_an_Anonymous_Attack.pdf

8. elcomsoft http://www.dfinews.com/article/elcomsoft-provides-forensic-access-icloud- backups evidence finder http://www.dfinews.com/article/jad-software-releases-ief-54 emet v3 https://blogs.technet.com/b/srd/archive/2012/05/15/introducing-emet- v3.aspx?Redirected=true SET http://www.social- engineer.org/framework/Computer_Based_Social_Engineering_Tools:_Soci al_Engineer_Toolkit_%28SET%29 truecrack https://code.google.com/p/truecrack/ passfault http://passfault.com/ tools

9. CON Events DefCon 20 https://www.defcon.org/

10. All images scavenged without permission