Som du ser är vår webbplats inte anpassad för äldre webbläsare. Vi rekommenderar att du uppgraderar till en nyare webbläsare.

Publicerad - Veckobrev

CERT-SE:s veckobrev v.23

Fredag igen och veckobrevsdags. God helg!

Nyheter i veckan

GitLab gains developers after Microsoft buys rival GitHub
https://www.reuters.com/article/us-github-microsoft-gitlab/gitlab-gains-developers-after-microsoft-buys-rival-github-idUSKCN1J12BR

Firmware Vulnerabilities in Supermicro Systems
https://blog.eclypsium.com/2018/06/07/firmware-vulnerabilities-in-supermicro-systems/

Sofacy Group’s Parallel Attacks
https://researchcenter.paloaltonetworks.com/2018/06/unit42-sofacy-groups-parallel-attacks/

Operation Prowli: Monetizing 40,000 Victim Machines
https://www.guardicore.com/2018/06/operation-prowli-traffic-manipulation-cryptocurrency-mining/

US Piles New Charges on Marcus Hutchins (aka MalwareTech)
https://www.bleepingcomputer.com/news/legal/us-piles-new-charges-on-marcus-hutchins-aka-malwaretech/

Converting PCAP Web Traffic to Apache Log
https://isc.sans.edu/forums/diary/Converting+PCAP+Web+Traffic+to+Apache+Log/23739/

VPNFilter Update – VPNFilter exploits endpoints, targets new devices
https://blog.talosintelligence.com/2018/06/vpnfilter-update.html

Zip Slip Vulnerability
https://snyk.io/research/zip-slip-vulnerability

FIFA public Wi-Fi guide: which host cities have the most secure networks?
https://securelist.com/fifa-public-wi-fi-guide/85919/

Over 115,000 Drupal Sites still vulnerable to Drupalgeddon2, a gift to crooks
https://securityaffairs.co/wordpress/73219/hacking/drupalgeddon2-vulnerable-sites.html

Researcher Finds Credentials for 92 Million Users of DNA Testing Firm MyHeritage
https://krebsonsecurity.com/2018/06/researcher-finds-credentials-for-92-million-users-of-dna-testing-firm-myheritage/

Ticketfly cyberattack exposed data belonging to 27 million accounts
https://www.zdnet.com/article/ticketfly-cyberattack-exposed-data-belonging-to-27-million-accounts/

RedEye ransomware: there's more than meets the eye
https://bartblaze.blogspot.com/2018/06/redeye-ransomware-theres-more-than.html

Hacker Fail: IoT botnet command and control server accessible via default credentials
https://blog.newskysecurity.com/hacker-fail-iot-botnet-command-and-control-server-accessible-via-default-credentials-2ea7cab36f72

Facebook bug changed 14 million users’ default privacy settings to public
https://thehackernews.com/2018/06/facebook-privacy-setting.html

Major Vulnerabilities in Foscam Cameras
https://blog.vdoo.com/2018/06/06/vdoo-has-found-major-vulnerabilities-in-foscam-cameras/

Gammalt men bra ändå

The Visual 6502
http://www.visual6502.org/JSSim/index.html

Ultrasound Networking
https://www.anfractuosity.com/projects/ultrasound-networking/

Analysis of an Ultrasound-Based Physical Tracking System
https://hal.inria.fr/hal-01798091/document

Network Security Audit
http://blog.netbsd.org/tnf/entry/network_security_audit

CERT-SE i veckan

Kritiska sårbarheter i Adobe Flash Player

Kritisk sårbarhet i Firefox

Kritiska sårbarheter i Cisco-produkter