Som du ser är vår webbplats inte anpassad för äldre webbläsare. Vi rekommenderar att du uppgraderar till en nyare webbläsare.
!!

CERT-SE söker teknisk skribent inom cybersäkerhet.

Publicerad - Veckobrev

CERT-SE:s veckobrev v.19

Ingen klämkäck rubrik, men väl ett matnyttigt nyhetsbrev. Trevlig helg!

Nyheter i veckan

JavaScript Coinhive in Excel
https://charles.dardaman.com/js_coinhive_in_excel

Wipers - Destruction as a means to an end
https://blog.talosintelligence.com/2018/05/wipers-destruction-as-means-to-end.html

Spectre-NG - Multiple new Intel CPU flaws revealed, several serious
https://www.heise.de/ct/artikel/Exclusive-Spectre-NG-Multiple-new-Intel-CPU-flaws-revealed-several-serious-4040648.html

Microsoft Adds Support for JavaScript in Excel—What Could Possibly Go Wrong?
https://thehackernews.com/2018/05/javascript-function-excel.html

Backdoored Python Library Caught Stealing SSH Credentials
https://www.bleepingcomputer.com/news/security/backdoored-python-library-caught-stealing-ssh-credentials/

Uber car software detected woman before fatal crash but failed to stop
https://nakedsecurity.sophos.com/2018/05/09/uber-car-software-detected-woman-before-fatal-crash-but-failed-to-stop/

Russia Blocks 50 VPNs and Proxy Services Providing Access to Telegram
https://www.bleepingcomputer.com/news/government/russia-blocks-50-vpns-and-proxy-services-providing-access-to-telegram/

Phishing Attack Bypasses Two-Factor Authentication
https://www.darkreading.com/endpoint/phishing-attack-bypasses-two-factor-authentication/d/d-id/1331776

Host Header Manipulation
https://vincentyiu.co.uk/host-header-manipulation/

First-Ever Ransomware Found Using 'Process Doppelgänging' Attack to Evade Detection
https://thehackernews.com/2018/05/synack-process-doppelganging.html

Introducing extended line endings support in Notepad
https://blogs.msdn.microsoft.com/commandline/2018/05/08/extended-eol-in-notepad/

iOS 11.4 to Disable USB Port After 7 Days: What It Means for Mobile Forensics
https://blog.elcomsoft.com/2018/05/ios-11-4-to-disable-usb-port-after-7-days-what-it-means-for-mobile-forensics/

Yubico and Microsoft Introduce Passwordless Login
https://www.yubico.com/2018/04/yubico-and-microsoft-introduce-passwordless-login/

WHOIS Behind Cyberattacks? Under GDPR, We May Not Know
https://securityintelligence.com/whois-behind-cyberattacks-under-gdpr-we-may-not-know/

CyberChef - The Cyber Swiss Army Knife
https://github.com/gchq/CyberChef/blob/master/README.md

The 7 Craziest IoT Device Hacks
https://blog.radware.com/security/2018/05/7-craziest-iot-device-hacks/

HTTPS: why the green padlock is not enough
https://blog.malwarebytes.com/101/2018/05/https-why-the-green-padlock-is-not-enough/

Throwhammer: Rowhammer Attacks over the Network and Defenses
https://www.cs.vu.nl/~herbertb/download/papers/throwhammer_atc18.pdf

CERT-SE i veckan

GDPR och nätfiskeangrepp

Sårbarheter rättade i Adobes produkter

Microsofts säkerhetsuppdateringar maj 2018