Som du ser är vår webbplats inte anpassad för äldre webbläsare. Vi rekommenderar att du uppgraderar till en nyare webbläsare.

Publicerad - Veckobrev

CERT-SE:s veckobrev v.26

Hotell, skor, biljettbås och gistna ekor. Allt läcker som såll!

Nyheter i veckan

DECEIVED BY DESIGN
https://fil.forbrukerradet.no/wp-content/uploads/2018/06/2018-06-27-deceived-by-design-final.pdf

Ticketmaster accused by bank of ignoring security warnings made more than two months ago
https://www.v3.co.uk/v3-uk/news/3035025/ticketmaster-accused-by-bank-of-ignoring-security-warnings-more-than-two-months-ago

Ticketmaster security breach caused by JavaScript on payments page
https://www.v3.co.uk/v3-uk/news/3035068/ticketmaster-security-breach-caused-by-javascript-on-payments-page

Hundreds of Hotels Affected by Data Breach at Hotel Booking Software Provider
https://www.bleepingcomputer.com/news/security/hundreds-of-hotels-affected-by-data-breach-at-hotel-booking-software-provider/

Adidas Website Hacked, Millions of US Customer Details Stolen
https://www.pcmag.com/news/362173/adidas-website-hacked-millions-of-us-customer-details-stole

This surveillance van can hack your phone from 500 meters away
https://www.techspot.com/news/75251-surveillance-van-can-hack-phone-500-meters-away.html

Yellow dots identify printers: Computer scientists of TU Dresden develop a tool for printer anonymisation
https://tu-dresden.de/ing/informatik/sya/ps/die-professur/news/geheime-daten-auf-dem-druckpapier-diplominformatiker-der-tu-dresden-entwickeln-verfahren-gegen-druckerueberwachung
https://dl.acm.org/citation.cfm?doid=3206004.3206019

Github Gentoo organization hacked
https://www.gentoo.org/news/2018/06/28/Github-gentoo-org-hacked.html

UK Tax Agency HMRC has recorded the voice tracks of 5.1 Million Brits
https://securityaffairs.co/wordpress/73876/digital-id/hmrc-collects-voice-tracks.html

SWORD dropbox: A $15 OpenWRT based DIY disposable pen-test tool
https://medium.com/@tomac/a-15-openwrt-based-diy-pen-test-dropbox-26a98a5fa5e5

Wi-Fi Alliance Launches WPA3 Security Standard
https://www.securityweek.com/wi-fi-alliance-launches-wpa3-security-standard

539 percent uptick in attacks targeting consumer-grade routers since, study
https://www.scmagazine.com/539-percent-uptick-in-attacks-targeting-consumer-grade-routers-since-study/article/776715/

Scanning for breached accounts with k-Anonymity
https://blog.mozilla.org/security/2018/06/25/scanning-breached-accounts-k-anonymity/

Windows Settings Shortcuts Can Be Abused for Code Execution on Windows 10
https://www.bleepingcomputer.com/news/security/windows-settings-shortcuts-can-be-abused-for-code-execution-on-windows-10/

A Technical Deep Dive into STARTTLS Everywhere
https://www.eff.org/deeplinks/2018/06/technical-deep-dive-starttls-everywhere

Scammy App That Infects Phones for Ad-clicking and Info-Stealing Controls Over 60,000 Devices
https://www.riskiq.com/blog/interesting-crawls/battery-saving-mobile-scam-app/

Hackers weaponised secure USB drives to target air-gapped networks
https://www.scmagazineuk.com/hackers-weaponised-secure-usb-drives-to-target-air-gapped-networks/article/775778/

4 scams that illustrate the one-way authentication problem
https://www.csoonline.com/article/3284409/fraud/4-scams-that-illustrate-the-one-way-authentication-problem.html

All-Radio 4.27 Portable Can't Be Removed? Then Your PC is Severely Infected
https://www.bleepingcomputer.com/news/security/all-radio-427-portable-cant-be-removed-then-your-pc-is-severely-infected/

Mylobot Botnet Emerges with Rare Level of Complexity
https://threatpost.com/mylobot-botnet-emerges-with-rare-level-of-complexity/132967/

CERT-SE i veckan

Kritiska sårbarheter i Firefox