PREVIOUS GNEWSPREVIOUS GNEWS

• 7 Patches – x bugs addressed

• Affecting Word, Outlook, Publisher, Jet DB Engine, IE, Windows

• Other updates, MSRT, Defender Definitions, Junk Mail Filter

• 8 Security Patches - 5 Critical, 1 Moderate– MS08-030 – Bluetooth Stack - Remote Code Execution – MS08-031 – IE Cumulative Security Update– MS08-032 – ActiveX Kill Bits Cumulative Security Update– MS08-033 – DirectX - Remote Code Execution – MS08-034 – WINS - Elevation of Privilege– MS08-035 – Active Directory - Denial of Service – MS08-036 –Pragmatic General Multicast (PGM) - Denial of

Service

– re-released MS06-078 and MS07-068 with a detection only change

Holes / Patches• Apple 2008-003

• Apple QuickTime 7.5

• Apple Safari on Windows

• Apple iCal

• Apple iPhone 2

• snort ip fragment reassembly / ttl evasion

• openssl tls vulns, server_name set to 0x00 in handshake

• Samba, boundary error in "receive_smb_raw()"

• Adobe Flash 9 0-day

• OpenOffice, integer overflow in "rtl_allocateMemory()"

• Sun Java Active Server Pages, Multiple Vulns

Hacking • Sample Code in RFC 3414 (snmp) contains overflow

• rustock.c, russian rootkit, undetected record of 1.5 years

• Cisco Router Rootkit? Sebastian Muniz - EuSecWest

• New JavaScript engine, Squirrelfish

• OSWA – Organizational Wireless System Auditor, Live CD

Corp. Hell• L-1 Identity Solutions Inc. to produce RFID Passport Card

• Todd Davis gets sued

• Comcast invests in GridNetworks (a P2P start-up)• Comcast web and email hacked, Defiant and EBK

• Dave & Busters, Packet sniifers on PoS terminals

• Barracuda offers buyout of SourceFire, SF rejects

• Nvidia enters mobile processor market

• Tumbleweed bought by Sopra Group (french)

• Canada charges Facebook with privacy infringement

• Explosion at ‘The Planet’ houston data center

Papers

• Apple Security Guide for OS X 1.5 Leopard

• NIST IT Security Configuration Scoring (call for input)

Film / Music

• NBC turns on “Broadcast Flag”

• Staples to sell $5 flexplay divx DVDs

WTF

• UK calls for a total phone usage database

• Launch of Google Health

• California man makes $50k opening accounts, arrested

• TSA ID rule change, refuse id check, get banned

• MySpace suicide case, poses rocky precedence

• Anti-Counterfeiting Trade Agreement, ACTA– Pirate-bay Killer?

• GPLv3 gets more legal attention– Proprietary software / patents

Legal

• Ulteo Virtual Desktop, Linux virtualization on Windows

• blender 2.46, 3d animation

• rtpBreak 1.3a, rtp sniffer

• xprobe 2

• WebKnight, mod_security for IIS

• Nessus 3.2.1, does not work with freebsd 6

• technet opened to community contributions

• Snort 2.8.2

• maltego videos

• openssl 0.9.8h

• kismet 2008-05-R1

• opera 9.5 promises built-in malware protection

• Axban, ActiveX Killbit tool

Updates

CON Events

• Completed Cons– Layerone, 17 – 18 May / Pasadena CA– DallasCon 2008, TBD / Dallas , TX– AusCERT 2008, 18 - 23 May / Gold Coast AU– EuSecWest, 28 May – London UK

CON Results

• EuSecWest – Hardware Flashing

• EuSecWest – Cisco RootKit

• BlackHat Preview and Webcast

CON Events

• Future Cons– HOPE 7, 18 - 20 July / New York NY– USENIX 17th Security Symposium, 28 July - 1

Aug / San Jose CA– REcon 2008, 13 – 15 June / Montreal CA– Black Hat USA, 2 - 7 Aug / Las Vegas NV– DefCon, 8 - 10 August / Las Vegas NV– Chaos Communications Camp, TBD / Berlin

All images scavenged without permission

All images scavenged without permission