1. PREVIOUS GNEWS

2. ? Patches – ? Critical – ? CVEs Affected – ? Other updates, MSRT, Defender Definitions, Junk Mail Filter Patch Tuesday

3. Oracle, 128 fixes –42 just for Java Adobe –none Apple, –Safari 6.0.4 –Java Cisco –Unified Communications, multiple –Prime Central, multiple –NX-OS, multiple –IOS, multiple –ASA, multiple Holes / Patches

4. IE Apache Holes / Patches

5. car chargers bing for malware FB Home, it's inevitable FAA denies airplane hack could work NJ Senator calls for investigation apple pirate store anonymous news site google glass jail broken Hacking

6. Can we get a desktop please malwarebytes screws the pooch Japan asks ISPs to block tor Avast launches bug bounty program NASA sponsored global hackathon Criagslist eff star chart google big data on wheels Corp

7. EA Games mines all your bit coins FTC calls for andriod patch investigation McAfee to buy stonesoft Bittorrent Sync Corp

8. CISPA CISPA ammendment approved in house CISPA killed in senate CFAA stalled for now pirate bay founder on theft / hacking charges WIPO broadcast treaty no hack hacking force taps dutch my open door for cop hack back Legal

9. Papers Snort OSSIM integration http://blog.snort.org/2013/04/integrating-snort-and-alienvault-ossim.html analyzing h323 traffic. https://www.sans.org/reading_room/whitepapers/protocols/analyzing-polycom-video-conference-traffic_34167 exploiting soho routers http://securityevaluators.com//content/case-studies/routers/soho_router_hacks.jsp use of IOC https://www.sans.org/reading_room/whitepapers/incident/ioc-indicators-compromise-malware-forensics_34200 Firewall review https://www.sans.org/reading_room/whitepapers/auditing/methodology-firewall-reviews-pci-compliance_34195 MS intell report http://www.microsoft.com/security/sir/default.aspx verizon data breach report http://www.verizonenterprise.com/DBIR/2013/

10. Papers Symantec threat report https://www.symantec.com/security_response/publications/threatreport.jsp NIST Update Special Publication 800-53, Revision 4: Security and Privacy Controls for Federal Information Systems and Organizations http://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-53r4.pdf UEFI hacking https://www.sans.org/reading_room/whitepapers/services/analysis-building-blocks-attack-vectors-unified- extensible-firmware_34215 mobile malware lab http://resources.infosecinstitute.com/portable-malware-lab-for-beginners/ bitcoin 101 http://resources.infosecinstitute.com/how-to-profit-illegally-from-bitcoin-cybercrime-and-much-more/ search engine hacking http://resources.infosecinstitute.com/search-engine-hacking-manual-and-automation/rr

11. pentesting http://it.toolbox.com/blogs/securitymonkey/excellent-web-pentesting-education-materials-and-free- 55541?rss=1 google inactive account manager http://nakedsecurity.sophos.com/2013/04/15/google-data-after-you-die disconnect 2 https://disconnect.me/ lynis http://www.unixmen.com/audit-the-security-of-your-unixlinux-systems-using-lynis/ windows debugg http://www.smidgeonsoft.prohosting.com/software.html REMnux http://zeltser.com/remnux/ ibm homo encryption http://news.hitb.org/content/ibm-takes-big-new-step-cryptography-practical-homomorphic-encryption debian 7.0 tools

12. Ooops WTF

13. CON Events carolina con http://it.toolbox.com/blogs/securitymon key/macgyveresque-weapon- building-in-airports-55540?rss=1 shmoo vids http://it.toolbox.com/blogs/securitymon key/did-you-miss-shmoocon-2013- videos-are-online-55539?rss=1 HITB Amsterdam http://conference.hitb.org/hitbsecconf2 013ams/materials/FB0auth http://news.hitb.org/content/story- 9500-bug-facebook-oauth-20 http://conference.hitb.org/hitbsecconf2 013ams/materials/D2T1%20- %20Andrey%20Labunets%20and %20Egor%20Homakov%20- %20OAuth%202.0%20and%20the %20Road%20to%20XSS.pdf infiltrate 2013 http://infiltratecon.com/ root-66 root-66.org breakpoint 2013 call for papers http://www.ruxconbreakpoint.com/

14. All images scavenged without permission