PREVIOUS GNEWS. Feb - 9 Patches – 3 Critical - 55 CVEs MS15-009 - Update for Internet Explorer MS15-010 - Windows Kernel-Mode Driver, Remote Code MS15-011.


1 PREVIOUS GNEWS

2 Patch Tuesday
Feb - 9 Patches – 3 Critical - 55 CVEs
MS15-009 - Update for Internet Explorer
MS15-010 - Windows Kernel-Mode Driver, Remote Code
MS15-011 - Group Policy, Remote Code
MS15-012 - Microsoft Office, Remote Code
MS15-013 - Microsoft Office, Security Bypass
MS15-014 - Group Policy, Security Bypass
MS15-015 - Microsoft Windows, Privilege Escalation
MS15-016 - Microsoft Graphics Component, Info Disclosure
MS15-017 - Virtual Machine Manager, Privilege Escalation
Other updates, MSRT, Defender Definitions, Junk Mail Filter

3 Holes / Patches
Oracle
–159 CVEs
–8 Virtual Box
–9 MySQL
–19 Java
Adobe
–APSA15-02 – Flash Player (1)
–APSB15-03 – Flash Player (1)
–APSB15-03 – Flash Player (2)
–APSB15-04 – Flash Player (18)
Apple
–Apple TV 7.0.3
–iOS 8.1.3
–Safari 8.0.3, 7.1.3, 6.2.3
–OSX 10.10.2
–Security Update 2015-001
Cisco
–IOS Kernel Timer
–Unified IP Phone 9900 multi-vuln
–WebEx Meetings Server multi-vuln
–AnyConnect xss
VMWare
–VMSA-2015-001 – vSphere cert validation (1)
–VMSA-2015-002 – ESXi, WorkStation, Player, Fusion (8, openssl)
VLC Player
–XP Only, DEP violation / write access
Verizon MyFIOS app
–Email account exposure

4 Hacking
GE SCADA switches have hard coded SSL key GmbH Harts multiple vulns Schneider more patches Schneider hardcoded passwds Daktronics hardcoded passwds Siemens Simatic PLC, patches Gas Station Hacking malware goes airborne KL-Remote AirPort Parking Progressive SnapShot McAfee ATD sandbox bypass look ma, i rooted the microwave router bricks godaddy

5 Hacking
istegsiri lizardsquad dos stressor bugs Mozilla meta referrer tesla keyless start Apple 0-days fix for thunderbolt? android wifi direct GNU C Library blackphone bug adobe 0-day outlook app launched and shot BMW remote unlock ie xss 0-day Pirelli home routers vulnerable angler exploit kit

6 CORP
Verizon / Turn UIDH (perma cookie) EFF Helpful App List Cookie program to be disbanded Google project zero drops two more bugs for MS Blue Cross TN uses data without consent Park N Fly (used at DFW) plex streaming on PS3/4 ThreatStream Optic and Maltego plugin BitCoin comes to POS Bitcoin now on wall street windows 10 claims to be last upgrade ever Ships MasterCard, accepted everywhere, and now in cuba WingStop GP hacked Facebook censorship

7 Corp
MS backs cyanogen?? cause what can go wrong with wireless? reddit transparency report Bye Bye RadioShack, thanks for all the signals Anthem 80 million breach GPG gets cash infusion Cheezburger transparency report turbo tax freezes state filing

8 Govt
CFAA amendment Rise Up https://help.riseup.net/en/about-us Google and PWC to host.mil HIE ENISA EU Threat Report How does payment assistance really work? brits label journalists as threats barret brown - 63 months cops don't like trackers death of opt-in GPS?? ToR 80% pedo rebirth of bad SAVE Act more on patriot expiration Canarywatch.org FCC Title ii DARPA Memex

9 Papers
Crypto Currency block chain http://radar.oreilly.com/2015/01/understanding-the-blockchain.html
more blockchain talk http://radar.oreilly.com/2015/01/the-3ps-of-the-blockchain-platforms-programs-and-protocols.html http://coincenter.org/2015/01/reporting-back-blockchain-workshops-mit-harvard/
Automated Defense - Using Threat Intelligence to Augment https://www.sans.org/reading-room/whitepapers/threats/automated-defense-threat-intelligence-augment-35692
State of The Union Transcript http://www.securityorb.com/transcript-president-barack-obamas-state-union-speech
Regin analysis http://securelist.com/blog/research/68438/an-analysis-of-regins-hopscotch-and-legspin/
NSA best practices https://www.nsa.gov/ia/_files/factsheets/Defending_Against_Destructive_Malware.pdf
NIST Crypto Guide http://www.healthcareinfosecurity.com/nist-revises-crypto-standards-guide-a-7831 http://csrc.nist.gov/publications/drafts/nistir-7977/nistir_7977_second_draft.pdf
NIST Mobile Applications http://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-163.pdf

10 Papers
Scada history? https://www.sans.org/reading-room/whitepapers/physical/abbreviated-history-automation-industrial-controls-system-cybersecurity-35697
Cisco 2015 security report http://www.cisco.com/web/offers/pdfs/cisco-asr-2015.pdf
MS info sharing guidelines http://blogs.microsoft.com/cybertrust/2015/01/27/putting-information-sharing-into-context/
RSA Report http://www.emc.com/collateral/fraud-report/h13929-rsa-fraud-report-jan-2015.pdf?M=125EAA47-0C46-43EA-8607-9FACA6B1C627
Detecting coin miners https://www.sans.org/reading-room/whitepapers/threats/detecting-crypto-currency-mining-corporate-environments-35722
The Integration of Information Security to FDA and GAMP 5 Validation Processes https://www.sans.org/reading-room/whitepapers/policyissues/integration-information-security-fda-gamp-5-validation-processes-35732
Ed Markey Senate report http://www.markey.senate.gov/imo/media/doc/2015-02-06_MarkeyReport-Tracking_Hacking_CarSecurity%202.pdf

11 WTF!?
CASL "It is now illegal to install programs, such as malware, on someone's computer without consent." http://www.fightspam.gc.ca/eic/site/030.nsf/eng/home

12 Tools
Flink (hadoop like analysis engine) https://flink.apache.org/
PHP 5.6.5 http://php.net/
R shinydashboard http://rstudio.github.io/shinydashboard/
Hound (source code search) https://github.com/etsy/Hound
GParted http://gparted.sourceforge.net/
Army Dshell (forensics) https://github.com/USArmyResearchLab/Dshell
capstone 3.0.1 (disassembly) http://capstone-engine.org/Version-3.0.1.html
NST 20-6535 / Kali 1.1.0

13 Cons Past
Guide http://securityintelligence.com/guide-to-2015-conferences-and-events-for-security-professionals
Hack In Paris 2015 CFP
Shmoo
cottonmouth-1 vs turnipschool (usb cable)
IE Heap protection bypass
Shmoo videos https://archive.org/details/shmoocon-2015-videos-playlist
HITB
white-paper-using-intel-txt-attack-bioses
white-paper-extreme-privilege-escalation-windows-8uefi-systems

14 Cons Future
B-Sides Austin: 12 – 13 Mar
CanSecWest: 18 - 20 Mar
InfoSec Southwest: 10 – 12 Apr
B-Sides Nashville: 11 Apr
B-Sides San Antonio: ? May
ThotCon 0x6: 14 – 15 May
PenTest Austin (SANS): 18 – 23 May
DefCon 23: 6 – 9 Aug

15 Local
DHA ( 1st Wednesday / Tavern on Main, richardson )
TX2600 ( 1st Fri / Wild Turkey 35&WalnutHill, dallas ) ( 1st Fri / 1418 Coffeehouse, plano )
The Lab.MS ( 2nd Monday / varies, plano )
Crypto Party ( 3rd Thursday / Improving Enterprises, addison )
NAISG ( 4th Thursday / CrossPointe Theatre, carrollton )
LockPick DFW ( Last Monday / looking for new spot, dallas )
Dallas MakerSpace Random / carrollton

16 All images scavenged without permission

