SlideShare a Scribd company logo

News bytes

Download as PPTX, PDF
n|u - The Open Security Community
n|u - The Open Security Community

Banglore null Monthly Meet - March 2012

EducationTechnology
1 of 13
Riyaz Walikar Null Meet - 10th March 2012
 Adobe Patches Zero-Day XSS Flaw, Six Other Bugs in Flash Player  Microsoft's February Patch Tuesday Kills 21 Security Bugs  Google patches 14 vulnerabilities in Chrome  Offensive Security Release Backtrack5 R2  Linux Kernel 3.2.9 - 1st March 2012
 Adobe released a security update addressing seven critical vulnerabilities in its Flash Player software on Feb 15 2012  A universal XSS bug in Flash found by Google  4 memory corruption vulnerabilities and two security bypass vulnerabilities that could lead to code execution
 Microsoft's February Patch Tuesday Kills 21 Security Bugs  9 Security Bulletins for IE and the Windows operating system, Microsoft Office and .NET/Silverlight  Four rated critical for IE  Windows Kernel (MS12-008), the .NET/Silverlight (MS12-016),the Microsoft C Runtime flaw in Windows Media Player (MS12-013), DLL-preloading issue in the Color Control Panel (MS12-012) and a flaw in Visio Viewer (MS12-015) were the other issues.
 Google patched 14 vulnerabilities in Chrome and handed out a record $47,500 in rewards to researchers, including $30,000 for "sustained, extraordinary" contributions to its bug-reporting program.  10 of them were "use-after-free" memory management vulnerabilities  Google paid 4 outside researchers $17,500 in bounty payments  Google also rewarded 3 of them with surprise bonuses of $10,000 each for "sustained, extraordinary" work - Aki Helin and Arthur Gerkis, and to "miaubiz."
 Offensive Security released Backtrack 5 r2 on 1st March  Several new tools, upgrades to previous tools and general improvement  arduino, bluelog, bt-audit, dirb, dnschef, dpscan, easy- creds, extundelete, findmyhash, golismero, goofile, ha shcat-gui, hash- identifier, hexorbase, horst, hotpatch, joomscan, killerb ee, libhijack, magictree, nipper- ng, patator, pipal, pyrit, reaver, rebind, rec- studio, redfang, se-toolkit, sqlsus, sslyze, sucrack, thc- ssl-dos, tlssled, uniscan, vega, watobo, wcex, wol- e, and xspy.
 Linux Kernel 3.2.9 brings the usual ARM fixes and improvements, some USB patches, ALSA updates, as well as fixes for various filesystems, like NFSv4 and eCryptfs.
 GitHub hacked with Ruby on Rails public key vulnerability - Egor Homakov  Polish websites attacked by Anti-ACTA Hackers  Microsoft India store, managed by Quasar Media, down after hackers take user data – Team EvilShadow  WikiLeaks releases alleged Stratfor e-mails
 New Flashback Trojan variant found for OS X  Nortel was penetrated by hackers for decade - Wall Street Report  Facebook Spammers Use Amazon's Cloud  Albania is the most Malware infected Nation - Norman and Microsoft
 Anonymous Eavesdrops on FBI Call  Anonymous takedown several Vatican Websites  #AntiSec hackers deface Panda Security site to protest LulzSec arrests  Anonymous Sabu was working for FBI to Trace down other LulzSec hackers
 Hackers steal Michael Jackson's entire back catalog from Sony  Siemens and Canon's Databases exploited by Team INTRA  Cyber Criminals took over billion dollar of Brazilian companies – PwC
 Pwn2Own 2012: Google Chrome browser sandbox first to fall , IE 9 on Windows 7 SP1 hacked with two 0day vulnerabilities  Russian University student Sergey Glazunov managed to execute code but not break out of the Chrome sandbox  Vupen’s attack used a use-after-free bug to bypass DEP and ASLR and then a bug to bypass Chrome’s Sandbox
5 member team from Vupen Security @Pwn2Own 2012 with CEO Chaouki Bekrar

Recommended

News bytes Oct-2011
News bytes Oct-2011News bytes Oct-2011
News bytes Oct-2011
Ashwin Patil, GCIH, GCIA, GCFE
 
Windows Vista Security
Windows Vista SecurityWindows Vista Security
Windows Vista Security
simplysuperb007
 
Rootkit
RootkitRootkit
Rootkit
tech2click
 
Malware freak show
Malware freak showMalware freak show
Malware freak show
sr1nu
 
Mobile Forensics on a Shoestring Budget
Mobile Forensics on a Shoestring BudgetMobile Forensics on a Shoestring Budget
Mobile Forensics on a Shoestring Budget
Brent Muir
 
thesis sample
thesis samplethesis sample
thesis sample
Vinayak Wadhwa
 
Bruh! Do you even diff?—Diffing Microsoft Patches to Find Vulnerabilities
Bruh! Do you even diff?—Diffing Microsoft Patches to Find VulnerabilitiesBruh! Do you even diff?—Diffing Microsoft Patches to Find Vulnerabilities
Bruh! Do you even diff?—Diffing Microsoft Patches to Find Vulnerabilities
Priyanka Aash
 
Windows 7 Security--Windows 7 password reset
Windows 7 Security--Windows 7 password resetWindows 7 Security--Windows 7 password reset
Windows 7 Security--Windows 7 password reset
Passreset
 

Recommended

News bytes Oct-2011
News bytes Oct-2011News bytes Oct-2011
News bytes Oct-2011
Ashwin Patil, GCIH, GCIA, GCFE
 
Windows Vista Security
Windows Vista SecurityWindows Vista Security
Windows Vista Security
simplysuperb007
 
Rootkit
RootkitRootkit
Rootkit
tech2click
 
Malware freak show
Malware freak showMalware freak show
Malware freak show
sr1nu
 
Mobile Forensics on a Shoestring Budget
Mobile Forensics on a Shoestring BudgetMobile Forensics on a Shoestring Budget
Mobile Forensics on a Shoestring Budget
Brent Muir
 
thesis sample
thesis samplethesis sample
thesis sample
Vinayak Wadhwa
 
Bruh! Do you even diff?—Diffing Microsoft Patches to Find Vulnerabilities
Bruh! Do you even diff?—Diffing Microsoft Patches to Find VulnerabilitiesBruh! Do you even diff?—Diffing Microsoft Patches to Find Vulnerabilities
Bruh! Do you even diff?—Diffing Microsoft Patches to Find Vulnerabilities
Priyanka Aash
 
Windows 7 Security--Windows 7 password reset
Windows 7 Security--Windows 7 password resetWindows 7 Security--Windows 7 password reset
Windows 7 Security--Windows 7 password reset
Passreset
 
The Dynamite of Next Generation (Y) Attack
The Dynamite of Next Generation (Y) AttackThe Dynamite of Next Generation (Y) Attack
The Dynamite of Next Generation (Y) Attack
Prathan Phongthiproek
 
Bugs Ex Ante by Kristaps Dzonsons
Bugs Ex Ante by Kristaps DzonsonsBugs Ex Ante by Kristaps Dzonsons
Bugs Ex Ante by Kristaps Dzonsons
eurobsdcon
 
Android 2.3 Introduction
Android 2.3 IntroductionAndroid 2.3 Introduction
Android 2.3 Introduction
Kan-Ru Chen
 
Fileless Malware Infections
Fileless Malware InfectionsFileless Malware Infections
Fileless Malware Infections
Ramon
 
Comparison of Windows and Linux Operating Systems in Advanced Features
Comparison of Windows and Linux Operating Systems in Advanced FeaturesComparison of Windows and Linux Operating Systems in Advanced Features
Comparison of Windows and Linux Operating Systems in Advanced Features
IJERA Editor
 
CI410 vieyra macro malware
CI410 vieyra macro malwareCI410 vieyra macro malware
CI410 vieyra macro malware
Matt Vieyra
 
Nullbyte 6ed. 2019
Nullbyte 6ed. 2019Nullbyte 6ed. 2019
Nullbyte 6ed. 2019
Ricardo L0gan
 
Hunting Rootkit From the Dark Corners Of Memory
Hunting Rootkit From the Dark Corners Of MemoryHunting Rootkit From the Dark Corners Of Memory
Hunting Rootkit From the Dark Corners Of Memory
securityxploded
 
Nguyen Duc Thinh - Docker security in Dev Ops environment 2.0
Nguyen Duc Thinh - Docker security in Dev Ops environment 2.0Nguyen Duc Thinh - Docker security in Dev Ops environment 2.0
Nguyen Duc Thinh - Docker security in Dev Ops environment 2.0
Security Bootcamp
 
I Heart Stuxnet
I Heart StuxnetI Heart Stuxnet
I Heart Stuxnet
Gil Megidish
 
PPT on Android
PPT on AndroidPPT on Android
PPT on Android
Subhadip Chakraborty
 
Tsunami of Technologies. Are we prepared?
Tsunami of Technologies. Are we prepared?Tsunami of Technologies. Are we prepared?
Tsunami of Technologies. Are we prepared?
msyukor
 
Malware Freak Show
Malware Freak ShowMalware Freak Show
Malware Freak Show
n|u - The Open Security Community
 
2022 December Patch Tuesday
2022 December Patch Tuesday2022 December Patch Tuesday
2022 December Patch Tuesday
Ivanti
 
News bytes Sept-2011
News bytes Sept-2011News bytes Sept-2011
News bytes Sept-2011
Ashwin Patil, GCIH, GCIA, GCFE
 
Malware's Most Wanted: Linux and Internet of Things Malware
Malware's Most Wanted: Linux and Internet of Things MalwareMalware's Most Wanted: Linux and Internet of Things Malware
Malware's Most Wanted: Linux and Internet of Things Malware
Cyphort
 
Briskinfosec - Threatsploit Report Augest 2021- Cyber security updates
Briskinfosec - Threatsploit Report Augest 2021- Cyber security updatesBriskinfosec - Threatsploit Report Augest 2021- Cyber security updates
Briskinfosec - Threatsploit Report Augest 2021- Cyber security updates
Briskinfosec Technology and Consulting
 
Mobile threat-report-mid-year-2018 en-us-1.0
Mobile threat-report-mid-year-2018 en-us-1.0Mobile threat-report-mid-year-2018 en-us-1.0
Mobile threat-report-mid-year-2018 en-us-1.0
mobileironmarketing
 
Palestra Jeferson Propheta - Wanna Cry more
Palestra Jeferson Propheta - Wanna Cry morePalestra Jeferson Propheta - Wanna Cry more
Palestra Jeferson Propheta - Wanna Cry more
BHack Conference
 
Stuxnet - A weapon of the future
Stuxnet - A weapon of the futureStuxnet - A weapon of the future
Stuxnet - A weapon of the future
Hardeep Bhurji
 
The Duqu 2.0: Technical Details
The Duqu 2.0: Technical DetailsThe Duqu 2.0: Technical Details
The Duqu 2.0: Technical Details
Kaspersky
 
Catching Multilayered Zero-Day Attacks on MS Office
Catching Multilayered Zero-Day Attacks on MS OfficeCatching Multilayered Zero-Day Attacks on MS Office
Catching Multilayered Zero-Day Attacks on MS Office
Kaspersky
 

More Related Content

What's hot

Bugs Ex Ante by Kristaps Dzonsons
Bugs Ex Ante by Kristaps DzonsonsBugs Ex Ante by Kristaps Dzonsons
Bugs Ex Ante by Kristaps Dzonsons
eurobsdcon
 
Comparison of Windows and Linux Operating Systems in Advanced Features
Comparison of Windows and Linux Operating Systems in Advanced FeaturesComparison of Windows and Linux Operating Systems in Advanced Features
Comparison of Windows and Linux Operating Systems in Advanced Features
IJERA Editor
 

What's hot (10)

The Dynamite of Next Generation (Y) Attack
The Dynamite of Next Generation (Y) AttackThe Dynamite of Next Generation (Y) Attack
The Dynamite of Next Generation (Y) Attack
 
Bugs Ex Ante by Kristaps Dzonsons
Bugs Ex Ante by Kristaps DzonsonsBugs Ex Ante by Kristaps Dzonsons
Bugs Ex Ante by Kristaps Dzonsons
 
Android 2.3 Introduction
Android 2.3 IntroductionAndroid 2.3 Introduction
Android 2.3 Introduction
 
Fileless Malware Infections
Fileless Malware InfectionsFileless Malware Infections
Fileless Malware Infections
 
Comparison of Windows and Linux Operating Systems in Advanced Features
Comparison of Windows and Linux Operating Systems in Advanced FeaturesComparison of Windows and Linux Operating Systems in Advanced Features
Comparison of Windows and Linux Operating Systems in Advanced Features
 
CI410 vieyra macro malware
CI410 vieyra macro malwareCI410 vieyra macro malware
CI410 vieyra macro malware
 
Nullbyte 6ed. 2019
Nullbyte 6ed. 2019Nullbyte 6ed. 2019
Nullbyte 6ed. 2019
 
Hunting Rootkit From the Dark Corners Of Memory
Hunting Rootkit From the Dark Corners Of MemoryHunting Rootkit From the Dark Corners Of Memory
Hunting Rootkit From the Dark Corners Of Memory
 
Nguyen Duc Thinh - Docker security in Dev Ops environment 2.0
Nguyen Duc Thinh - Docker security in Dev Ops environment 2.0Nguyen Duc Thinh - Docker security in Dev Ops environment 2.0
Nguyen Duc Thinh - Docker security in Dev Ops environment 2.0
 
I Heart Stuxnet
I Heart StuxnetI Heart Stuxnet
I Heart Stuxnet
 

Similar to News bytes

Malware's Most Wanted: Linux and Internet of Things Malware
Malware's Most Wanted: Linux and Internet of Things MalwareMalware's Most Wanted: Linux and Internet of Things Malware
Malware's Most Wanted: Linux and Internet of Things Malware
Cyphort
 
The Duqu 2.0: Technical Details
The Duqu 2.0: Technical DetailsThe Duqu 2.0: Technical Details
The Duqu 2.0: Technical Details
Kaspersky
 
Catching Multilayered Zero-Day Attacks on MS Office
Catching Multilayered Zero-Day Attacks on MS OfficeCatching Multilayered Zero-Day Attacks on MS Office
Catching Multilayered Zero-Day Attacks on MS Office
Kaspersky
 
Crypto Hot Cases – One Year Backward
Crypto Hot Cases – One Year BackwardCrypto Hot Cases – One Year Backward
Crypto Hot Cases – One Year Backward
Positive Hack Days
 
Layer8 exploitation: Lock'n Load Target
Layer8 exploitation: Lock'n Load TargetLayer8 exploitation: Lock'n Load Target
Layer8 exploitation: Lock'n Load Target
Prathan Phongthiproek
 

Similar to News bytes (20)

PPT on Android
PPT on AndroidPPT on Android
PPT on Android
 
Tsunami of Technologies. Are we prepared?
Tsunami of Technologies. Are we prepared?Tsunami of Technologies. Are we prepared?
Tsunami of Technologies. Are we prepared?
 
Malware Freak Show
Malware Freak ShowMalware Freak Show
Malware Freak Show
 
2022 December Patch Tuesday
2022 December Patch Tuesday2022 December Patch Tuesday
2022 December Patch Tuesday
 
News bytes Sept-2011
News bytes Sept-2011News bytes Sept-2011
News bytes Sept-2011
 
Malware's Most Wanted: Linux and Internet of Things Malware
Malware's Most Wanted: Linux and Internet of Things MalwareMalware's Most Wanted: Linux and Internet of Things Malware
Malware's Most Wanted: Linux and Internet of Things Malware
 
Briskinfosec - Threatsploit Report Augest 2021- Cyber security updates
Briskinfosec - Threatsploit Report Augest 2021- Cyber security updatesBriskinfosec - Threatsploit Report Augest 2021- Cyber security updates
Briskinfosec - Threatsploit Report Augest 2021- Cyber security updates
 
Mobile threat-report-mid-year-2018 en-us-1.0
Mobile threat-report-mid-year-2018 en-us-1.0Mobile threat-report-mid-year-2018 en-us-1.0
Mobile threat-report-mid-year-2018 en-us-1.0
 
Palestra Jeferson Propheta - Wanna Cry more
Palestra Jeferson Propheta - Wanna Cry morePalestra Jeferson Propheta - Wanna Cry more
Palestra Jeferson Propheta - Wanna Cry more
 
Stuxnet - A weapon of the future
Stuxnet - A weapon of the futureStuxnet - A weapon of the future
Stuxnet - A weapon of the future
 
The Duqu 2.0: Technical Details
The Duqu 2.0: Technical DetailsThe Duqu 2.0: Technical Details
The Duqu 2.0: Technical Details
 
Catching Multilayered Zero-Day Attacks on MS Office
Catching Multilayered Zero-Day Attacks on MS OfficeCatching Multilayered Zero-Day Attacks on MS Office
Catching Multilayered Zero-Day Attacks on MS Office
 
Software Disasters
Software DisastersSoftware Disasters
Software Disasters
 
Crypto Hot Cases – One Year Backward
Crypto Hot Cases – One Year BackwardCrypto Hot Cases – One Year Backward
Crypto Hot Cases – One Year Backward
 
The Seven Most Dangerous New Attack Techniques, and What's Coming Next
The Seven Most Dangerous New Attack Techniques, and What's Coming NextThe Seven Most Dangerous New Attack Techniques, and What's Coming Next
The Seven Most Dangerous New Attack Techniques, and What's Coming Next
 
The Seven Most Dangerous New Attack Techniques, and What's Coming Next
The Seven Most Dangerous New Attack Techniques, and What's Coming NextThe Seven Most Dangerous New Attack Techniques, and What's Coming Next
The Seven Most Dangerous New Attack Techniques, and What's Coming Next
 
BROWSERS!
BROWSERS!BROWSERS!
BROWSERS!
 
Dan Guido SOURCE Boston 2011
Dan Guido SOURCE Boston 2011Dan Guido SOURCE Boston 2011
Dan Guido SOURCE Boston 2011
 
The most well known closed vulnerabilities
The most well known closed vulnerabilitiesThe most well known closed vulnerabilities
The most well known closed vulnerabilities
 
Layer8 exploitation: Lock'n Load Target
Layer8 exploitation: Lock'n Load TargetLayer8 exploitation: Lock'n Load Target
Layer8 exploitation: Lock'n Load Target
 

More from n|u - The Open Security Community

More from n|u - The Open Security Community (20)

Hardware security testing 101 (Null - Delhi Chapter)
Hardware security testing 101 (Null - Delhi Chapter)Hardware security testing 101 (Null - Delhi Chapter)
Hardware security testing 101 (Null - Delhi Chapter)
 
Osint primer
Osint primerOsint primer
Osint primer
 
SSRF exploit the trust relationship
SSRF exploit the trust relationshipSSRF exploit the trust relationship
SSRF exploit the trust relationship
 
Nmap basics
Nmap basicsNmap basics
Nmap basics
 
Metasploit primary
Metasploit primaryMetasploit primary
Metasploit primary
 
Api security-testing
Api security-testingApi security-testing
Api security-testing
 
Introduction to TLS 1.3
Introduction to TLS 1.3Introduction to TLS 1.3
Introduction to TLS 1.3
 
Gibson 101 -quick_introduction_to_hacking_mainframes_in_2020_null_infosec_gir...
Gibson 101 -quick_introduction_to_hacking_mainframes_in_2020_null_infosec_gir...Gibson 101 -quick_introduction_to_hacking_mainframes_in_2020_null_infosec_gir...
Gibson 101 -quick_introduction_to_hacking_mainframes_in_2020_null_infosec_gir...
 
Talking About SSRF,CRLF
Talking About SSRF,CRLFTalking About SSRF,CRLF
Talking About SSRF,CRLF
 
Building active directory lab for red teaming
Building active directory lab for red teamingBuilding active directory lab for red teaming
Building active directory lab for red teaming
 
Owning a company through their logs
Owning a company through their logsOwning a company through their logs
Owning a company through their logs
 
Introduction to shodan
Introduction to shodanIntroduction to shodan
Introduction to shodan
 
Cloud security
Cloud security Cloud security
Cloud security
 
Detecting persistence in windows
Detecting persistence in windowsDetecting persistence in windows
Detecting persistence in windows
 
Frida - Objection Tool Usage
Frida - Objection Tool UsageFrida - Objection Tool Usage
Frida - Objection Tool Usage
 
OSQuery - Monitoring System Process
OSQuery - Monitoring System ProcessOSQuery - Monitoring System Process
OSQuery - Monitoring System Process
 
DevSecOps Jenkins Pipeline -Security
DevSecOps Jenkins Pipeline -SecurityDevSecOps Jenkins Pipeline -Security
DevSecOps Jenkins Pipeline -Security
 
Extensible markup language attacks
Extensible markup language attacksExtensible markup language attacks
Extensible markup language attacks
 
Linux for hackers
Linux for hackersLinux for hackers
Linux for hackers
 
Android Pentesting
Android PentestingAndroid Pentesting
Android Pentesting
 

Recently uploaded

Jual Obat Aborsi Hongkong ( Asli No.1 ) 085657271886 Obat Penggugur Kandungan...
Jual Obat Aborsi Hongkong ( Asli No.1 ) 085657271886 Obat Penggugur Kandungan...Jual Obat Aborsi Hongkong ( Asli No.1 ) 085657271886 Obat Penggugur Kandungan...
Jual Obat Aborsi Hongkong ( Asli No.1 ) 085657271886 Obat Penggugur Kandungan...
ZurliaSoop
 
The basics of sentences session 3pptx.pptx
The basics of sentences session 3pptx.pptxThe basics of sentences session 3pptx.pptx
The basics of sentences session 3pptx.pptx
heathfieldcps1
 

Recently uploaded (20)

Beyond_Borders_Understanding_Anime_and_Manga_Fandom_A_Comprehensive_Audience_...
Beyond_Borders_Understanding_Anime_and_Manga_Fandom_A_Comprehensive_Audience_...Beyond_Borders_Understanding_Anime_and_Manga_Fandom_A_Comprehensive_Audience_...
Beyond_Borders_Understanding_Anime_and_Manga_Fandom_A_Comprehensive_Audience_...
 
NO1 Top Black Magic Specialist In Lahore Black magic In Pakistan Kala Ilam Ex...
NO1 Top Black Magic Specialist In Lahore Black magic In Pakistan Kala Ilam Ex...NO1 Top Black Magic Specialist In Lahore Black magic In Pakistan Kala Ilam Ex...
NO1 Top Black Magic Specialist In Lahore Black magic In Pakistan Kala Ilam Ex...
 
Mehran University Newsletter Vol-X, Issue-I, 2024
Mehran University Newsletter Vol-X, Issue-I, 2024Mehran University Newsletter Vol-X, Issue-I, 2024
Mehran University Newsletter Vol-X, Issue-I, 2024
 
HMCS Vancouver Pre-Deployment Brief - May 2024 (Web Version).pptx
HMCS Vancouver Pre-Deployment Brief - May 2024 (Web Version).pptxHMCS Vancouver Pre-Deployment Brief - May 2024 (Web Version).pptx
HMCS Vancouver Pre-Deployment Brief - May 2024 (Web Version).pptx
 
Jual Obat Aborsi Hongkong ( Asli No.1 ) 085657271886 Obat Penggugur Kandungan...
Jual Obat Aborsi Hongkong ( Asli No.1 ) 085657271886 Obat Penggugur Kandungan...Jual Obat Aborsi Hongkong ( Asli No.1 ) 085657271886 Obat Penggugur Kandungan...
Jual Obat Aborsi Hongkong ( Asli No.1 ) 085657271886 Obat Penggugur Kandungan...
 
On_Translating_a_Tamil_Poem_by_A_K_Ramanujan.pptx
On_Translating_a_Tamil_Poem_by_A_K_Ramanujan.pptxOn_Translating_a_Tamil_Poem_by_A_K_Ramanujan.pptx
On_Translating_a_Tamil_Poem_by_A_K_Ramanujan.pptx
 
How to Manage Global Discount in Odoo 17 POS
How to Manage Global Discount in Odoo 17 POSHow to Manage Global Discount in Odoo 17 POS
How to Manage Global Discount in Odoo 17 POS
 
FSB Advising Checklist - Orientation 2024
FSB Advising Checklist - Orientation 2024FSB Advising Checklist - Orientation 2024
FSB Advising Checklist - Orientation 2024
 
Towards a code of practice for AI in AT.pptx
Towards a code of practice for AI in AT.pptxTowards a code of practice for AI in AT.pptx
Towards a code of practice for AI in AT.pptx
 
Jamworks pilot and AI at Jisc (20/03/2024)
Jamworks pilot and AI at Jisc (20/03/2024)Jamworks pilot and AI at Jisc (20/03/2024)
Jamworks pilot and AI at Jisc (20/03/2024)
 
Understanding Accommodations and Modifications
Understanding Accommodations and ModificationsUnderstanding Accommodations and Modifications
Understanding Accommodations and Modifications
 
REMIFENTANIL: An Ultra short acting opioid.pptx
REMIFENTANIL: An Ultra short acting opioid.pptxREMIFENTANIL: An Ultra short acting opioid.pptx
REMIFENTANIL: An Ultra short acting opioid.pptx
 
How to Create and Manage Wizard in Odoo 17
How to Create and Manage Wizard in Odoo 17How to Create and Manage Wizard in Odoo 17
How to Create and Manage Wizard in Odoo 17
 
The basics of sentences session 3pptx.pptx
The basics of sentences session 3pptx.pptxThe basics of sentences session 3pptx.pptx
The basics of sentences session 3pptx.pptx
 
Interdisciplinary_Insights_Data_Collection_Methods.pptx
Interdisciplinary_Insights_Data_Collection_Methods.pptxInterdisciplinary_Insights_Data_Collection_Methods.pptx
Interdisciplinary_Insights_Data_Collection_Methods.pptx
 
Holdier Curriculum Vitae (April 2024).pdf
Holdier Curriculum Vitae (April 2024).pdfHoldier Curriculum Vitae (April 2024).pdf
Holdier Curriculum Vitae (April 2024).pdf
 
Accessible Digital Futures project (20/03/2024)
Accessible Digital Futures project (20/03/2024)Accessible Digital Futures project (20/03/2024)
Accessible Digital Futures project (20/03/2024)
 
Micro-Scholarship, What it is, How can it help me.pdf
Micro-Scholarship, What it is, How can it help me.pdfMicro-Scholarship, What it is, How can it help me.pdf
Micro-Scholarship, What it is, How can it help me.pdf
 
ICT role in 21st century education and it's challenges.
ICT role in 21st century education and it's challenges.ICT role in 21st century education and it's challenges.
ICT role in 21st century education and it's challenges.
 
HMCS Max Bernays Pre-Deployment Brief (May 2024).pptx
HMCS Max Bernays Pre-Deployment Brief (May 2024).pptxHMCS Max Bernays Pre-Deployment Brief (May 2024).pptx
HMCS Max Bernays Pre-Deployment Brief (May 2024).pptx
 

News bytes

  • 1. Riyaz Walikar Null Meet - 10th March 2012
  • 2. Adobe Patches Zero-Day XSS Flaw, Six Other Bugs in Flash Player  Microsoft's February Patch Tuesday Kills 21 Security Bugs  Google patches 14 vulnerabilities in Chrome  Offensive Security Release Backtrack5 R2  Linux Kernel 3.2.9 - 1st March 2012
  • 3. Adobe released a security update addressing seven critical vulnerabilities in its Flash Player software on Feb 15 2012  A universal XSS bug in Flash found by Google  4 memory corruption vulnerabilities and two security bypass vulnerabilities that could lead to code execution
  • 4. Microsoft's February Patch Tuesday Kills 21 Security Bugs  9 Security Bulletins for IE and the Windows operating system, Microsoft Office and .NET/Silverlight  Four rated critical for IE  Windows Kernel (MS12-008), the .NET/Silverlight (MS12-016),the Microsoft C Runtime flaw in Windows Media Player (MS12-013), DLL-preloading issue in the Color Control Panel (MS12-012) and a flaw in Visio Viewer (MS12-015) were the other issues.
  • 5. Google patched 14 vulnerabilities in Chrome and handed out a record $47,500 in rewards to researchers, including $30,000 for "sustained, extraordinary" contributions to its bug-reporting program.  10 of them were "use-after-free" memory management vulnerabilities  Google paid 4 outside researchers $17,500 in bounty payments  Google also rewarded 3 of them with surprise bonuses of $10,000 each for "sustained, extraordinary" work - Aki Helin and Arthur Gerkis, and to "miaubiz."
  • 6. Offensive Security released Backtrack 5 r2 on 1st March  Several new tools, upgrades to previous tools and general improvement  arduino, bluelog, bt-audit, dirb, dnschef, dpscan, easy- creds, extundelete, findmyhash, golismero, goofile, ha shcat-gui, hash- identifier, hexorbase, horst, hotpatch, joomscan, killerb ee, libhijack, magictree, nipper- ng, patator, pipal, pyrit, reaver, rebind, rec- studio, redfang, se-toolkit, sqlsus, sslyze, sucrack, thc- ssl-dos, tlssled, uniscan, vega, watobo, wcex, wol- e, and xspy.
  • 7. Linux Kernel 3.2.9 brings the usual ARM fixes and improvements, some USB patches, ALSA updates, as well as fixes for various filesystems, like NFSv4 and eCryptfs.
  • 8. GitHub hacked with Ruby on Rails public key vulnerability - Egor Homakov  Polish websites attacked by Anti-ACTA Hackers  Microsoft India store, managed by Quasar Media, down after hackers take user data – Team EvilShadow  WikiLeaks releases alleged Stratfor e-mails
  • 9. New Flashback Trojan variant found for OS X  Nortel was penetrated by hackers for decade - Wall Street Report  Facebook Spammers Use Amazon's Cloud  Albania is the most Malware infected Nation - Norman and Microsoft
  • 10. Anonymous Eavesdrops on FBI Call  Anonymous takedown several Vatican Websites  #AntiSec hackers deface Panda Security site to protest LulzSec arrests  Anonymous Sabu was working for FBI to Trace down other LulzSec hackers
  • 11. Hackers steal Michael Jackson's entire back catalog from Sony  Siemens and Canon's Databases exploited by Team INTRA  Cyber Criminals took over billion dollar of Brazilian companies – PwC
  • 12. Pwn2Own 2012: Google Chrome browser sandbox first to fall , IE 9 on Windows 7 SP1 hacked with two 0day vulnerabilities  Russian University student Sergey Glazunov managed to execute code but not break out of the Chrome sandbox  Vupen’s attack used a use-after-free bug to bypass DEP and ASLR and then a bug to bypass Chrome’s Sandbox
  • 13. 5 member team from Vupen Security @Pwn2Own 2012 with CEO Chaouki Bekrar