 

Apr - 8 Patches – 2 Critical - 45 CVEs MS Cumulative Security Update for IE, Remote Code MS Windows Media Player, Remote Code MS Office, Remote Code MS Common Controls, Remote Code MS Kernel-Mode Drivers, Privilege Escalation MS ADFS, Privilege Escalation MS Windows Kernel, Privilege Escalation MS Exchange, Privilege Escalation Other updates, MSRT, Defender Definitions, Junk Mail Filter Patch Tuesday

MS GPO still vulnerable? Just when you thought you could trust MS Embedded C&C address on TechNet MS adds search protection to malware attributes Windows 10 and Edge features MemGC (Memory Garbage Collection), use-after-free defense CFG (Control Flow Guard), jump governer EPM (Enhanced Protected Mode) – app container sandbox "Thus Microsoft Edge provides no support for VML, VB Script, Toolbars, BHOs, or ActiveX." --- points to html5 win10 sec features App Store vetting ‘Windows Hello’, biometric auth ‘Device Guard’, non signed application blocking Passport, two-factor-ish?? PFS comes to Windows via Update SSH comes to Powershell Mo’ Micro’

Oracle –14 Jul Adobe –APSB15-11 Flash Player (13 CVE) Apple –The Good Watch OS 1.01 (13 CVE) –The Bad Apple Watch, 1 second window iPhone string DoS apple suspend resume flaw Pidgin, multiple vulns Cisco –TelePresence –FireSSIGHT VMWare –VMSA Fusion and Horizon View (7 CVE) VirtualBox Patch for Venom Holes / Patches

Google App Engine Android address bar spoof Android reset exposes data Plane hacks not only in lab CSFR in wind turbines Mass car lock disruption IM-ME hacks all the garages trojanized putty in wild Logjam - another ssl vuln GiftCard race conditions and eternal hate toward notification NetUSB on soho routers vuln soho csrf via dns dlink storage Linux.Moose mumblehard - linux/freebsd NitlovePOS via spam campaigns ransomware auth, drops keys tox SaaS ransomware stegpsploit keybase Drug pump update, can change dosage Hacking

Penn State disconnects after china attack AFF Hacked –Politicians called out IRS breach FF Smart TV Uber, plaintext passwd via NYXBT - bitcoin index Dynamic CVV?? Hyundai offers android in car Threat intel and the lie of sharing PaloAlto buys CirroCecure Hot Topic buys Thinkgeek Nokia to buy Alcatel/Lucent Google attempts to address excessive app permissions Intel joins FIDO alliance FB PGP FB forces sha2 after oct 1 Ikea to sell "hacking kits" Tesla bug bounty Corp

Security as munitions redux - Wassenaar Agreement, bad mod to CFAA –"Specifically, the BIS proposal seeks to regulate and control the export of what it calls intrusion software..." bye-bye bug bounties, hello wassenaar Anti-SLAPP Bill VA state launches car hacking project CA County sheriff like the stingray 215 not reauthorized California bitcoin bill OPM breach, 4 mil feds Govt

IEEE Medical Guidance Federal Regulations on Energy Grid electrical-energy-grid/ electrical-energy-grid-part-2-of-2/ no more passwd cracking IC3 crime report maturity model modeling ponemon breach cost study Papers

Subway dye sprayer Slow crime day? Soctland Yard frets xfiles WTF!?

Tools DataApp mobile data sniffer PTF pentesters framework openOCD debugger Intercept launches firstlook.org open code repo AutoCanary PDF Redact Tools

HITB Amsterdam PeopleSoft Information Warfare Summit (IWS) 7 Oct 2015 OKC shomecon ThotCon 0x6 PenTest Austin (SANS) Cons Past

DefCon 236 – 9 Aug SCADA Nexus2-3 Sep Hacker Halted13 Sep DerbyCon23-27 Sep IT Security one2one Summit4-6 Oct Root-66 3 Nov B-Sides DFWTBD Cons Future

DHA ( 1 st Wednesday / Tavern on Main, richardson ) TX2600 ( 1 st Fri / Wild Turkey 35&WalnutHill, dallas ) (1 st Fri / 1418 Coffeehouse, plano) The Lab.MS ( 2 nd Monday / varies, plano ) Crypto Party ( 3 rd Thursday / Improving Enterprises, addison ) NAISG ( 4 th Thursday / CrossPointe Theatre, carrollton ) LockPick DFW ( Last Monday / looking for new spot, dallas ) Dallas MakerSpace Random / carrollton Local

All images scavenged without permission