Som du ser är vår webbplats inte anpassad för äldre webbläsare. Vi rekommenderar att du uppgraderar till en nyare webbläsare.

Publicerad - Veckobrev

CERT-SE:s veckobrev v.40

Här kommer en samling härliga länkar att läsa i helgen.
Trevlig helg!

Nyheter i veckan

3 billion Yahoo accounts affected by 2013 breach
https://nakedsecurity.sophos.com/2017/10/04/3-billion-yahoo-accounts-affected-by-2013-breach/

BlueBorne – Bluetooth’s airborne influenza
https://blog.malwarebytes.com/cybercrime/2017/09/blueborne-bluetooths-airborne-influenza/

Mozilla to End All Firefox Support for XP and Vista in June 2018
https://www.bleepingcomputer.com/news/software/mozilla-to-end-all-firefox-support-for-xp-and-vista-in-june-2018/

Russian spies used Kaspersky AV to hack NSA contractor, swipe exploit code – new claim
https://www.theregister.co.uk/2017/10/05/anonymous_report_russian_spies_used_kaspersky_lab_software_to_steal_nsa_secrets/

Russia Raises Tensions in Baltic Region With Testing of Cyber Weapons
http://www.securityweek.com/russia-raises-tensions-baltic-region-testing-cyber-weapons

pcap2curl: Turning a pcap file into a set of cURL commands for "replay"
https://isc.sans.edu/diary/pcap2curl%3A+Turning+a+pcap+file+into+a+set+of+cURL+commands+for+%22replay%22+/22900

Control Center in iOS Doesn't Actually Kill Wi-Fi and Bluetooth
https://www.wired.com/story/how-to-turn-off-wifi-and-bluetooth-in-ios11/

macOS High Sierra Leaks APFS Volume Passwords via Hint
http://www.securityweek.com/macos-high-sierra-leaks-apfs-volume-passwords-hint

Hackers pounce on 3 vulnerable WordPress plugins
https://nakedsecurity.sophos.com/2017/10/05/hackers-pounce-on-three-vulnerable-wordpress-plugins/

Video Streams Leak What You're Watching to Attackers With Over 95% Accuracy
https://www.bleepingcomputer.com/news/security/video-streams-leak-what-youre-watching-to-attackers-with-over-95-percent-accuracy/

FormBook Campaigns Target U.S., South Korea
http://www.securityweek.com/formbook-campaigns-target-us-south-korea

VMware Escapology – How to Houdini the Hypervisor
https://www.zerodayinitiative.com/blog/2017/10/04/vmware-escapology-how-to-houdini-the-hypervisor

DNSSEC master key change delayed after ISPs struggle
https://nakedsecurity.sophos.com/2017/10/04/dnssec-master-key-change-delayed-after-isps-struggle/

Security cameras are vulnerable to attacks using infrared light: study
https://phys.org/news/2017-09-cameras-vulnerable-infrared.html

CERT-SE i veckan

Android säkerhetsbullentin - oktober 2017

Kritiska sårbarheter i HPE Intelligent Management Center

Sårbarhet i Apache Tomcat

Kritiska sårbarheter i dnsmasq