Som du ser är vår webbplats inte anpassad för äldre webbläsare. Vi rekommenderar att du uppgraderar till en nyare webbläsare.
!!

CERT-SE växer. Vi har fyra jobbannonser ute just nu: Desk och junior it-säk senast 5 maj. Operativ koordinator och intrångsdetektion senast 12 maj.

Publicerad - Veckobrev

CERT-SE:s veckobrev v.47

En "svart fredag" tycker somliga men för oss andra är det vanlig fredag, och med det ytterligare ett CERT-SE veckobrev.
Trevlig helg!

Veckans länkar

Microsoft’s MFA is so strong, it locked out users for 8 hours
https://nakedsecurity.sophos.com/2018/11/21/microsofts-mfa-is-so-strong-it-locked-out-users-for-8-hours/

OceanLotus: New watering hole attack in Southeast Asia
https://www.welivesecurity.com/2018/11/20/oceanlotus-new-watering-hole-attack-southeast-asia/

Sofacy Continues Global Attacks and Wheels Out New ‘Cannon’ Trojan
https://researchcenter.paloaltonetworks.com/2018/11/unit42-sofacy-continues-global-attacks-wheels-new-cannon-trojan/

Exploring Emotet: Examining Emotet’s Activities, Infrastructure
https://blog.trendmicro.com/trendlabs-security-intelligence/exploring-emotet-examining-emotets-activities-infrastructure/

Kraken Cryptor Ransomware Gains Popularity Among Cybercriminals
https://go.recordedfuture.com/hubfs/reports/cta-2018-1030.pdf

First botnet attack on smart TV sets identified
https://www.broadbandtvnews.com/2018/11/19/first-botnet-attack-on-smart-tv-sets-identified/

Instagram’s Data Download tool has exposed some users’ passwords
https://www.trustedreviews.com/news/instagram-data-download-3622809

New Modular tRat Remote Access Trojan Surfaced During September
https://news.softpedia.com/news/new-modular-trat-remote-access-trojan-surfaced-during-september-523867.shtml

15+ years of botnets
https://blog.barracuda.com/2018/11/19/15-years-of-botnets/

An Analysis of the ProtonMail Cryptographic Architecture
https://eprint.iacr.org/2018/1121.pdf

Gmail encryption: Everything you need to know
https://www.computerworld.com/article/3322497/security/gmail-encryption.html

Hackers erase 6,500 sites from the Dark Web in one attack
https://nakedsecurity.sophos.com/2018/11/21/hacker-erases-6500-sites-from-the-dark-web/

Potentially disastrous Rowhammer bitflips can bypass ECC protections
https://arstechnica.com/information-technology/2018/11/potentially-disastrous-rowhammer-bitflips-can-bypass-ecc-protections/

Kaspersky Security Bulletin: Threat Predictions for 2019
https://securelist.com/kaspersky-security-bulletin-threat-predictions-for-2019/88878/

Mirai: Not Just For IoT Anymore
https://asert.arbornetworks.com/mirai-not-just-for-iot-anymore/

"Svart fredag"-special [1]

What scams shoppers should look out for on Black Friday and Cyber Monday
https://blog.talosintelligence.com/2018/11/what-scams-shoppers-should-look-out-for.html

Every day is Black Friday
https://nakedsecurity.sophos.com/2018/11/20/every-day-is-black-friday/

Shop Safe This Holiday Season
https://foundation.mozilla.org/en/privacynotincluded/

How to navigate Black Friday and Cyber Monday without getting scammed or hacked
https://www.techradar.com/news/how-to-navigate-black-friday-and-cyber-monday-without-getting-scammed-or-hacked

Nördavdelningen

Pwn Adventure Sourcery - A hacked universe game
https://sourcery.pwnadventure.com/

CERT-SE i veckan

Sårbarheter rättade i VMware vSphere Data Protection

Kritiska sårbarheter i Adobe Flash Player

Källor

[1] https://sv.wikipedia.org/wiki/Black_Friday