1.  

2. Apr - 8 Patches – 2 Critical - 45 CVEs MS15-056 - Cumulative Security Update for IE, Remote Code MS15-057 - Windows Media Player, Remote Code MS15-059 - Office, Remote Code MS15-060 - Common Controls, Remote Code MS15-061 - Kernel-Mode Drivers, Privilege Escalation MS15-062 - ADFS, Privilege Escalation MS15-063 - Windows Kernel, Privilege Escalation MS15-064 - Exchange, Privilege Escalation Other updates, MSRT, Defender Definitions, Junk Mail Filter Patch Tuesday

3. MS15-011 GPO still vulnerable? Just when you thought you could trust MS Embedded C&C address on TechNet MS adds search protection to malware attributes Windows 10 and Edge features MemGC (Memory Garbage Collection), use-after-free defense CFG (Control Flow Guard), jump governer EPM (Enhanced Protected Mode) – app container sandbox "Thus Microsoft Edge provides no support for VML, VB Script, Toolbars, BHOs, or ActiveX." --- points to html5 win10 sec features App Store vetting ‘Windows Hello’, biometric auth ‘Device Guard’, non signed application blocking Passport, two-factor-ish?? PFS comes to Windows via Update 3042058 SSH comes to Powershell Mo’ Micro’

4. Oracle –14 Jul Adobe –APSB15-11 Flash Player (13 CVE) Apple –The Good Watch OS 1.01 (13 CVE) –The Bad Apple Watch, 1 second window iPhone string DoS apple suspend resume flaw Pidgin, multiple vulns Cisco –TelePresence –FireSSIGHT VMWare –VMSA-2015-0004 Fusion and Horizon View (7 CVE) VirtualBox Patch for Venom Holes / Patches

5. Google App Engine Android address bar spoof Android reset exposes data Plane hacks not only in lab CSFR in wind turbines Mass car lock disruption IM-ME hacks all the garages trojanized putty in wild Logjam - another ssl vuln GiftCard race conditions and eternal hate toward notification NetUSB on soho routers vuln soho csrf via dns dlink storage Linux.Moose mumblehard - linux/freebsd NitlovePOS via spam campaigns ransomware auth, drops keys tox SaaS ransomware stegpsploit keybase Drug pump update, can change dosage Hacking

6. Penn State disconnects after china attack AFF Hacked –Politicians called out IRS breach FF Smart TV Uber, plaintext passwd via email NYXBT - bitcoin index Dynamic CVV?? Hyundai offers android in car Threat intel and the lie of sharing PaloAlto buys CirroCecure Hot Topic buys Thinkgeek Nokia to buy Alcatel/Lucent Google attempts to address excessive app permissions Intel joins FIDO alliance FB PGP FB forces sha2 after oct 1 Ikea to sell "hacking kits" Tesla bug bounty Corp

7. Security as munitions redux - Wassenaar Agreement, bad mod to CFAA –"Specifically, the BIS proposal seeks to regulate and control the export of what it calls intrusion software..." bye-bye bug bounties, hello wassenaar Anti-SLAPP Bill VA state launches car hacking project CA County sheriff like the stingray 215 not reauthorized California bitcoin bill OPM breach, 4 mil feds Govt

8. IEEE Medical Guidance https://threatpost.com/researchers-ieee-release-medical-device-security-guidelines/112885 Federal Regulations on Energy Grid http://www.securityorb.com/the-impact-of-federal-regulations-on-the-information-assurance-of-the-north-american- electrical-energy-grid/ http://www.securityorb.com/the-impact-of-federal-regulations-on-the-information-assurance-of-the-north-american- electrical-energy-grid-part-2-of-2/ no more passwd cracking https://www.meshekah.com/research/publications_files/tr_ersatz_passwords.pdf IC3 crime report http://www.fbi.gov/news/news_blog/2014-ic3-annual-report maturity model https://www.sans.org/reading-room/whitepapers/modeling/improving-detection-prevention-response-security-maturity- modeling-35985 ponemon breach cost study http://public.dhe.ibm.com/common/ssi/ecm/se/en/sew03053wwen/SEW03053WWEN.PDF Papers

9. Subway dye sprayer http://www.wearealwayslistening.com/ Slow crime day? Soctland Yard frets xfiles WTF!?

10. Tools DataApp mobile data sniffer PTF pentesters framework openOCD 0.9.0 debugger Intercept launches firstlook.org open code repo AutoCanary PDF Redact Tools

11. HITB Amsterdam PeopleSoft Information Warfare Summit (IWS) 7 Oct 2015 OKC shomecon ThotCon 0x6 PenTest Austin (SANS) Cons Past

12. DefCon 236 – 9 Aug SCADA Nexus2-3 Sep Hacker Halted13 Sep DerbyCon23-27 Sep IT Security one2one Summit4-6 Oct Root-66 3 Nov B-Sides DFWTBD Cons Future

13. DHA ( 1 st Wednesday / Tavern on Main, richardson ) TX2600 ( 1 st Fri / Wild Turkey 35&WalnutHill, dallas ) (1 st Fri / 1418 Coffeehouse, plano) The Lab.MS ( 2 nd Monday / varies, plano ) Crypto Party ( 3 rd Thursday / Improving Enterprises, addison ) NAISG ( 4 th Thursday / CrossPointe Theatre, carrollton ) LockPick DFW ( Last Monday / looking for new spot, dallas ) Dallas MakerSpace Random / carrollton Local

14. All images scavenged without permission