Som du ser är vår webbplats inte anpassad för äldre webbläsare. Vi rekommenderar att du uppgraderar till en nyare webbläsare.
!!

Jobba på CERT-SE? Nu söker vi en förvaltningsledare IT inom cybersäkerhet med sista ansökningsdag 17 augusti, samt en administrativ stjärna med it-säkerhetskunskap till vår desk med sista ansökningsdag 23 augusti.

Publicerad - Veckobrev

CERT-SE:s veckobrev v.48

Gimme, gimme, gimme da veckobrev.

Noterat i veckan

The incomplete Dirty COW patch
https://medium.com/bindecy/huge-dirty-cow-cve-2017-1000405-110eca132de0

Why does man print “gimme gimme gimme” at 00:30?
https://unix.stackexchange.com/questions/405783/why-does-man-print-gimme-gimme-gimme-at-0030/405874

Virtual System Forensics
https://www.sans.org/reading-room/whitepapers/bestprac/exploring-effectiveness-approaches-discovering-acquiring-virtualized-servers-esxi-38155

Vulnerability Walkthrough: 7zip CVE-2016-2334 HFS+ Code Execution Vulnerability
http://blog.talosintelligence.com/2017/11/exploiting-cve-2016-2334.html#more

Let's celebrate Donald Knuth
http://knuth80.elfbrink.se/

RAT Distributed Via Google Drive Targets East Asia
https://threatpost.com/rat-distributed-via-google-drive-targets-east-asia/129047/

Persistent drive-by cryptomining coming to a browser near you
https://blog.malwarebytes.com/cybercrime/2017/11/persistent-drive-by-cryptomining-coming-to-a-browser-near-you/

Cryptocurrency Mining Scripts Now Run Even After You Close Your Browser
https://thehackernews.com/2017/11/cryptocurrency-mining-javascript.html

Should Social Media be Considered Part of Critical Infrastructure?
http://www.securityweek.com/should-social-media-be-considered-part-critical-infrastructure

Damned Insecure REST API
https://github.com/payatu/Tiredful-API/blob/master/README.md

Linux Expl0rer - Easy-to-use live forensics toolbox for Linux endpoints written in Python & Flask.
https://github.com/intezer/linux-explorer

Symmetric crypto with forward secrecy using two yubikeys
https://paranoidbeavers.ca/spy-stuff.html

JAWS - Just Another Windows (Enum) Script
https://411hall.github.io/JAWS-Enumeration/

CERT-SE i veckan

MacOS, High Sierra säkerhetsuppdatering

Allvarliga sårbarheter i Cisco WebEx ARF och WRF Player

Bugg i macOS High Sierra

Allvarliga sårbarheter i mailservern Exim