Som du ser är vår webbplats inte anpassad för äldre webbläsare. Vi rekommenderar att du uppgraderar till en nyare webbläsare.

Publicerad - Veckobrev

CERT-SE:s veckobrev v.31

Helgen närmar sig med stormsteg, så blanda er cyberdrink och njut av veckans veckobrev från CERT-SE.
Trevlig helg!

Nyheter i veckan

Pentagon Creates 'Do Not Buy' List of Chinese and Russian Software Providers
https://www.bleepingcomputer.com/news/government/pentagon-creates-do-not-buy-list-of-chinese-and-russian-software-providers/

EUD Security Guidance: Ubuntu 18.04 LTS
https://www.ncsc.gov.uk/guidance/eud-security-guidance-ubuntu-1804-lts

Google takes on Yubico with its own security key, Titan
https://nakedsecurity.sophos.com/2018/07/27/google-takes-on-yubico-with-its-own-security-key-titan/

Vulnerability Spotlight: Multiple Vulnerabilities in Samsung SmartThings Hub
https://blog.talosintelligence.com/2018/07/samsung-smartthings-vulns.html

DOJ arrests three Ukrainian nationals from Fin7 cybercrime group
https://www.zdnet.com/article/doj-arrests-indicts-three-ukrainian-nationals-from-fin7-cybercrime-group/

Security Begins at the Home Router
https://insights.sei.cmu.edu/sei_blog/2018/07/security-begins-at-the-home-router.html

Massive Malvertising Campaign Discovered Attempting 40,000 Infections per Week
https://www.bleepingcomputer.com/news/security/massive-malvertising-campaign-discovered-attempting-40-000-infections-per-week/

HP Launches Printer Bug Bounty Program
https://www.darkreading.com/vulnerabilities---threats/hp-launches-printer-bug-bounty-program/d/d-id/1332443

Finally, A Way To Send Malicious PDFs With URLs In Russian Letters
https://news.sophos.com/en-us/2018/07/30/finally-a-way-to-send-malicious-pdfs-with-urls-in-russian-letters/

Stealthy Crypto-Miner Has Worm-Like Spreading Mechanism
https://www.securityweek.com/stealthy-crypto-miner-has-worm-spreading-mechanism

Reddit’s serious “security incident” – what you need to know
https://nakedsecurity.sophos.com/2018/08/02/reddits-serious-security-incident-what-you-need-to-know/

Exploring the Security Vulnerabilities of LoRa
https://www.researchgate.net/publication/318575428_Exploring_the_Security_Vulnerabilities_of_LoRa

Secret locations of soldiers working on military bases revealed using satellite flaw
https://uk.finance.yahoo.com/news/secret-locations-soldiers-working-military-171055814.html

Decentralized certificate authority and naming
https://handshake.org/

Cisco buys Duo Security for $2.35 billion, adds cloud-based authentication to security lineup
https://www.zdnet.com/article/cisco-buys-duo-security-for-2-35-billion-adds-cloud-based-authentication-to-security-lineup/

The Year Targeted Phishing Went Mainstream
https://krebsonsecurity.com/2018/08/the-year-targeted-phishing-went-mainstream/

Massive Coinhive Cryptojacking Campaign Touches Over 200,000 MikroTik Routers
https://www.bleepingcomputer.com/news/security/massive-coinhive-cryptojacking-campaign-touches-over-200-000-mikrotik-routers/

Attacks on industrial enterprises using RMS and TeamViewer
https://ics-cert.kaspersky.com/reports/2018/08/01/attacks-on-industrial-enterprises-using-rms-and-teamviewer/

Historieavdelningen

Flaw in the Enigma Code - Numberphile
https://www.youtube.com/watch?v=V4V2bpZlqx8

DIY

JPL Open Source Rover Project
https://github.com/nasa-jpl/open-source-rover

CERT-SE i veckan