Som du ser är vår webbplats inte anpassad för äldre webbläsare. Vi rekommenderar att du uppgraderar till en nyare webbläsare.
!!

Jobba på CERT-SE? Nu söker vi en förvaltningsledare IT inom cybersäkerhet med sista ansökningsdag 17 augusti, samt en administrativ stjärna med it-säkerhetskunskap till vår desk med sista ansökningsdag 23 augusti.

Publicerad - Veckobrev

CERT-SE:s veckobrev v.45

Veckans notiser

China Telecom's Internet Traffic Misdirection
https://internetintel.oracle.com/blog-single.html?id=China+Telecom%27s+Internet+Traffic+Misdirection

PortSmash attack blasts hole in Intel's Hyper-Threading CPUs, leaves with secret crypto keys
https://www.theregister.co.uk/2018/11/02/portsmash_intel_security_attack/

EFF Unveils Virtual Reality Tool To Help People Spot Surveillance Devices in Their Communities
https://www.eff.org/press/releases/eff-unveils-virtual-reality-tool-help-people-spot-surveillance-devices-their

Flaws in self-encrypting SSDs let attackers bypass disk encryption
https://www.zdnet.com/article/flaws-in-self-encrypting-ssds-let-attackers-bypass-disk-encryption/

How to Use Passive DNS to Inform Your Incident Response
https://securityintelligence.com/how-to-use-passive-dns-to-inform-your-incident-response/

Malware of the 1980s: Looking back at the Brain Virus and the Morris Worm
https://www.welivesecurity.com/2018/11/05/malware-1980s-brain-virus-morris-worm/

Who’s In Your Online Shopping Cart?
https://krebsonsecurity.com/2018/11/whos-in-your-online-shopping-cart/

Creating a QR Code step by step
https://www.nayuki.io/page/creating-a-qr-code-step-by-step

BitBench - Visually dissect and analyze bit strings
https://github.com/zuckschwerdt/bitbench

When Accounts are "Hacked" Due to Poor Passwords, Victims Must Share the Blame
https://www.troyhunt.com/when-accounts-are-hacked-victims-must-share-the-blame/

BlackIoT: IoT Botnet of High Wattage Devices Can Disrupt the Power Grid
https://www.usenix.org/system/files/conference/usenixsecurity18/sec18-soltan.pdf

US Cyber Command starts uploading foreign APT malware to VirusTotal
https://www.zdnet.com/article/us-cyber-command-starts-uploading-foreign-apt-malware-to-virustotal/

BCMPUPnP_Hunter: A 100k Botnet Turns Home Routers to Email Spammers
https://blog.netlab.360.com/bcmpupnp_hunter-a-100k-botnet-turns-home-routers-to-email-spammers-en/

CERT-SE i veckan

0-day sårbarhet i VirtualBox

Sårbarheter i flertalet självkrypterande SSD.