Som du ser är vår webbplats inte anpassad för äldre webbläsare. Vi rekommenderar att du uppgraderar till en nyare webbläsare.

Publicerad - Veckobrev

CERT-SE:s veckobrev v.21

Generöst Doserad Portion Realia

Nyheter i veckan

Statement from PGP developers about eFail
https://protonmail.com/blog/pgp-efail-statement/

Experimental Security Assessment of BMW Cars: A Summary Report
https://keenlab.tencent.com/en/Experimental_Security_Assessment_of_BMW_Cars_by_KeenLab.pdf

Analysis and mitigation of speculative store bypass
https://blogs.technet.microsoft.com/srd/2018/05/21/analysis-and-mitigation-of-speculative-store-bypass-cve-2018-3639/

New VPNFilter malware targets at least 500K networking devices worldwide
https://blog.talosintelligence.com/2018/05/VPNFilter.html

VPNFilter EXIF to C2 mechanism analysed
https://gixtools.net/2018/05/vpnfilter-exif-to-c2-mechanism-analysed/

FBI Seizes Control of Russian Botnet
https://www.thedailybeast.com/exclusive-fbi-seizes-control-of-russian-botnet

Home Network Security
https://www.us-cert.gov/ncas/tips/ST15-002

An Old Trick with a New Twist: Cryptomining Through Disguised URL Shorteners
https://blog.sucuri.net/2018/05/cryptomining-through-disguised-url-shorteners.html

Z-Wave Downgrade Attack Left Over 100 Million IoT Devices Open to Hackers
https://thehackernews.com/2018/05/z-wave-wireless-hacking.html

Turla Mosquito: A shift towards more generic tools
https://www.welivesecurity.com/2018/05/22/turla-mosquito-shift-towards-generic-tools/

Student awarded $36,000 for remote execution flaw in Google App Engine
https://www.zdnet.com/article/google-awards-researcher-36000-for-remote-execution-flaw-in-google-app-engine/

The ethical and legal dilemmas of threat researchers
https://www.helpnetsecurity.com/2018/05/21/threat-research-ethical-legal-dilemmas/

Woman says her Amazon device recorded private conversation, sent it out to random contact
https://www.kiro7.com/news/local/woman-says-her-amazon-device-recorded-private-conversation-sent-it-out-to-random-contact/755507974

GPS Jamming and Spoofing On the Rise
https://www.ainonline.com/aviation-news/business-aviation/2018-05-22/gps-jamming-and-spoofing-rise

ENIAC Simulator
https://www.cs.drexel.edu/~bls96/eniac/

Playing battleships over BGP
https://blog.benjojo.co.uk/post/bgp-battleships

ICS-sektionen

Trisis masterminds have expanded operations to target U.S. industrial firms
https://www.cyberscoop.com/xenotime-ics-cyber-attacks-trisis-dragos/

Musiksektionen

The G-D-P-R Song
https://www.youtube.com/watch?v=6i5WuBbfhss

CERT-SE i veckan

VPNFilter - skadlig kod för nätverksutrustning

Ytterligare processorsårbarheter