Som du ser är vår webbplats inte anpassad för äldre webbläsare. Vi rekommenderar att du uppgraderar till en nyare webbläsare.
!!

Vi söker chef till Enheten för operativ cybersäkerhetsförmåga, en viktig roll i arbetet med att utveckla Sveriges förmåga att förebygga och hantera it-incidenter. Sista ansökningsdag är den 19 oktober.

Publicerad - Veckobrev

CERT-SE:s veckobrev v.38

Tid att läsa igenom veckans länksamling.

Nyheter i veckan

Equifax: America’s In-Credible Insecurity
http://icitech.org/wp-content/uploads/2017/09/ICIT-Analysis-Equifax-Americas-In-Credible-Insecurity-Part-One.pdf

a-PATCH-e: Struts Vulnerabilities Run Rampant
https://blog.trendmicro.com/trendlabs-security-intelligence/apache-struts-vulnerabilities-run-rampant/

Equifax fooled again! Blundering credit biz directs hack attack victims to parody site
https://www.theregister.co.uk/2017/09/21/equifax_fooled_again_company_teets_out_links_to_website_parodying_it/

CCleanup: A Vast Number of Machines at Risk
https://blog.talosintelligence.com/2017/09/avast-distributes-malware.html

CCleaner Command and Control Causes Concern
https://blog.talosintelligence.com/2017/09/ccleaner-c2-concern.html

Apache “Optionsbleed” vulnerability – what you need to know
https://nakedsecurity.sophos.com/2017/09/19/apache-optionsbleed-vulnerability-what-you-need-to-know/

BSides Augusta 2017 Videos
https://www.youtube.com/playlist?list=PLEJJRQNh3v_PQEsZ8R7H6xKe9Bkg_KnVC

Number of lost, stolen or compromised records increased by 164%
https://www.helpnetsecurity.com/2017/09/20/lost-stolen-compromised-records/

Kernel Exploitation
http://resources.infosecinstitute.com/windows-kernel-exploitation-part-1/
http://resources.infosecinstitute.com/kernel-exploitation-part-2/
http://resources.infosecinstitute.com/kernel-exploitation-part-3/

Here’s How Hackers Can Hijack Your Online Bitcoin Wallets
https://thehackernews.com/2017/09/hacking-bitcoin-wallets.html

Achieve Scalable Anonymous Communication With Loopix
https://themerkle.com/achieving-scalable-anonymous-communication-with-loopix/

0x00sec Programming Tutorials
https://0x00sec.org/c/programming/tutorials

Iranian APT33 Targets US Firms with Destructive Malware
https://threatpost.com/iranian-apt33-targets-us-firms-with-destructive-malware/128074/

SIP-Based Audit and Attack Tool - Mr.SIP
http://www.ehacking.net/2017/09/sip-based-audit-and-attack-tool-mrsip.html

Hacking into Internet Connected Light Bulbs
https://www.contextis.com/blog/hacking-into-internet-connected-light-bulbs

Hackers hold entire school district to ransom
https://nakedsecurity.sophos.com/2017/09/21/hackers-holds-entire-school-district-to-ransom/

The UK government asked WhatsApp to built a Backdoor in its systems but the Company declined it
https://latesthackingnews.com/2017/09/22/uk-government-asked-whatsapp-built-backdoor-systems-company-declined/

Locky Unleashes Multiple Spam Waves with a New Variant “ykcol“
https://blog.fortinet.com/2017/09/21/locky-unleashes-multiple-spam-waves-with-a-new-variant-ykcol

CERT-SE i veckan

Apple iOS 11 rättar allvarliga säkerhetsbrister

Sårbarheter i Cisco-produkter

CCleaner infekterad

CERT-SE tekniska råd med anledning av det aktuella dataintrångsfallet (B 8322-16)