Som du ser är vår webbplats inte anpassad för äldre webbläsare. Vi rekommenderar att du uppgraderar till en nyare webbläsare.

Publicerad - Veckobrev

CERT-SE:s veckobrev v.36

Massor av artiklar i detta veckobrev. Valet är ert (_-){

Nyheter i veckan

Five Eyes governments get even tougher on encryption
https://www.zdnet.com/article/five-eyes-governments-get-even-tougher-on-encryption/

Google Wants to Kill the URL
https://www.wired.com/story/google-wants-to-kill-the-url/

Black Hat USA 2018 - NOC Lessons learned
https://www.darkreading.com/operations/lessons-from-the-black-hat-usa-noc/a/d-id/1332710

Why the Whole World Should Be Up in Arms About the EU's Looming Internet Catastrophe
https://www.eff.org/deeplinks/2018/09/why-whole-world-should-be-arms-about-eus-looming-internet-catastrophe

Article 13:Frequently Asked Questions about Censorship Machines and their Impacts
https://openmedia.org/sites/default/files/stl-article13-faq.pdf

Threat Landscape for Industrial Automation Systems in H1 2018
https://securelist.com/threat-landscape-for-industrial-automation-systems-in-h1-2018/87913/

Sensitive data exposure via wifi broadcasts in Android
https://wwws.nightwatchcybersecurity.com/2018/08/29/sensitive-data-exposure-via-wifi-broadcasts-in-android-os-cve-2018-9489/

Mikrotik routers pwned
https://www.theregister.co.uk/2018/09/04/mikrotik_routers_pwned/

What You Can Do with F-Droid
https://f-droid.org/en/tutorials/

Researchers used sonar signal from a smartphone speaker to steal unlock passwords
https://motherboard.vice.com/en_us/article/kzyd4m/researchers-used-sonar-signal-from-a-smartphone-speaker-to-steal-unlock-passwords

Malicious MDM: Let's Hide This App
https://blog.talosintelligence.com/2018/09/ios-mdm-hide-the-app.html

Hundreds of websites, including Stuff's, copied in possible prelude to malware attack
https://www.stuff.co.nz/dominion-post/business/106873914/hundreds-of-websites-including-stuffs-copied-in-possible-prelude-to-malware-attack

Vodafone: You used 1234 as your password and were hacked? You cover the cost
https://www.zdnet.com/article/vodafone-you-used-1234-as-your-password-and-were-hacked-you-cover-the-cost

Incorrect transforms when stripping subdomains
https://bugs.chromium.org/p/chromium/issues/detail?id=881410

Discovery of Thousands of Unsecured 3D Printers Is a Big Problem
https://gizmodo.com/discovery-of-thousands-of-unsecured-3d-printers-is-a-bi-1828857941

Schneider Electric may have shipped USB drives infested with malware
https://www.zdnet.com/article/schneider-electric-shipped-usb-drives-infested-with-malware/#ftag=RSSbaffb68

British Airways data breach: what to do if you have been affected
https://www.theguardian.com/business/2018/sep/07/british-airways-data-breach-what-to-do-if-you-have-been-affected

DOS through Wireshark
https://www.zdnet.com/article/wireshark-fixes-serious-security-flaws-that-can-crash-the-system-cause-dos/

Bad passwords never go out of fashion
https://www.theregister.co.uk/2018/08/28/bad_passwords_never_go_out_of_fashion/

Hackers Hit The Oatmeal, and It Wasn't Funny
https://www.wired.com/story/security-news-the-oatmeal-hacked/

New Hakai IoT botnet takes aim at D-Link, Huawei, and Realtek routers
https://www.zdnet.com/article/new-hakai-iot-botnet-takes-aim-at-d-link-huawei-and-realtek-routers/

(_-){special

En Glad Amatör - Tage Danielsson
https://www.youtube.com/watch?v=xwPhD3X6Tl0

Voting Software
https://xkcd.com/2030/

Analyzing and Exploiting an Elevation of Privilege Vulnerability in Docker for Windows
https://srcincite.io/blog/2018/08/31/you-cant-contain-me-analyzing-and-exploiting-an-elevation-of-privilege-in-docker-for-windows.html

CERT-SE i veckan

Kritiska sårbarheter i Cisco-produkter
https://www.cert.se/2018/09/kritiska-sarbarheter-i-cisco-produkter

Kritiska sårbarheter i Firefox
https://www.cert.se/2018/09/kritiska-sarbarheter-i-firefox