Publicerad
CERT-SE:s veckobrev v.49
Det är mycket nu. Vi väljer ut några smakprov ur villervallan åt dig.
Nyheter i veckan
Malspam pushing Lokibot malware
https://isc.sans.edu/diary/rss/24372
Printeradvertising.com Spam Service Claims It Can Print Anywhere
https://www.bleepingcomputer.com/news/security/printeradvertisingcom-spam-service-claims-it-can-print-anywhere/
Kubernetes Vulnerability Allowed Malicious Control of Nodes
https://dzone.com/articles/kubernetes-privilege-escalation-vulnerability
Stupid Patent of the Month: A Patent on Using Mathematical Proofs
https://www.eff.org/deeplinks/2018/11/stupid-patent-month-patent-using-mathematical-proofs
New Ransomware Spreading Rapidly in China Infected Over 100,000 PCs
https://thehackernews.com/2018/12/china-ransomware-wechat.html
Apple offers Safari users safer browsing with USB security key support
https://www.engadget.com/2018/12/06/apple-safari-usb-security-key-support/
Adobe fixes zero-day Flash bug after attackers target Russian clinic with exploit
https://www.scmagazine.com/home/security-news/adobe-fixes-zero-day-flash-bug-after-attackers-target-russian-clinic-with-exploit/
Complaints: Google infringes GDPR’s informed consent principle
https://edri.org/complaints-google-infringes-gdprs-informed-consent-principle/
Scam iOS apps promise fitness, steal money instead
https://www.welivesecurity.com/2018/12/03/scam-ios-apps-promise-fitness-steal-money-instead/
A Shift from Cybersecurity to Cyber Resilience: 6 Steps
https://www.darkreading.com/threat-intelligence/a-shift-from-cybersecurity-to-cyber-resilience-6-steps/a/d-id/1333378
Anti-Encryption Law Has Been Passed In Australia
https://www.ubergizmo.com/2018/12/anti-encryption-law-passed-australia/
The Dark Side of the ForSSHe
https://www.welivesecurity.com/wp-content/uploads/2018/12/ESET-The_Dark_Side_of_the_ForSSHe.pdf
DarkVishnya: Banks attacked through direct connection to local network
https://securelist.com/darkvishnya/89169/
SNDBOX: AI-Powered Online Automated Malware Analysis Platform
https://thehackernews.com/2018/12/sndbox-malware-analysis-tool.html
Botnet of Infected WordPress Sites Attacking WordPress Sites
https://www.wordfence.com/blog/2018/12/wordpress-botnet-attacking-wordpress/
Ukraine’s SBU: Russia carried out a cyberattack on Judiciary Systems
https://securityaffairs.co/wordpress/78726/cyber-warfare-2/sbu-russia-cyber-attack.html
Intro to NFC Payment Relay Attacks
https://salmg.net/2018/12/01/intro-to-nfc-payment-relay-attacks/
CERT-SE i veckan
CERT-SE uppmanar drabbade av nätfiske att höra av sig
Säkerhetsuppdateringar från Apple
Kritiska sårbarheter i Kubernetes OpenShift produkter och tjänster