Som du ser är vår webbplats inte anpassad för äldre webbläsare. Vi rekommenderar att du uppgraderar till en nyare webbläsare.

Publicerad - Veckobrev

CERT-SE:s veckobrev v.49

Det är mycket nu. Vi väljer ut några smakprov ur villervallan åt dig.

Nyheter i veckan

Malspam pushing Lokibot malware
https://isc.sans.edu/diary/rss/24372

Printeradvertising.com Spam Service Claims It Can Print Anywhere
https://www.bleepingcomputer.com/news/security/printeradvertisingcom-spam-service-claims-it-can-print-anywhere/

Kubernetes Vulnerability Allowed Malicious Control of Nodes
https://dzone.com/articles/kubernetes-privilege-escalation-vulnerability

Stupid Patent of the Month: A Patent on Using Mathematical Proofs
https://www.eff.org/deeplinks/2018/11/stupid-patent-month-patent-using-mathematical-proofs

New Ransomware Spreading Rapidly in China Infected Over 100,000 PCs
https://thehackernews.com/2018/12/china-ransomware-wechat.html

Apple offers Safari users safer browsing with USB security key support
https://www.engadget.com/2018/12/06/apple-safari-usb-security-key-support/

Adobe fixes zero-day Flash bug after attackers target Russian clinic with exploit
https://www.scmagazine.com/home/security-news/adobe-fixes-zero-day-flash-bug-after-attackers-target-russian-clinic-with-exploit/

Complaints: Google infringes GDPR’s informed consent principle
https://edri.org/complaints-google-infringes-gdprs-informed-consent-principle/

Scam iOS apps promise fitness, steal money instead
https://www.welivesecurity.com/2018/12/03/scam-ios-apps-promise-fitness-steal-money-instead/

A Shift from Cybersecurity to Cyber Resilience: 6 Steps
https://www.darkreading.com/threat-intelligence/a-shift-from-cybersecurity-to-cyber-resilience-6-steps/a/d-id/1333378

Anti-Encryption Law Has Been Passed In Australia
https://www.ubergizmo.com/2018/12/anti-encryption-law-passed-australia/

The Dark Side of the ForSSHe
https://www.welivesecurity.com/wp-content/uploads/2018/12/ESET-The_Dark_Side_of_the_ForSSHe.pdf

DarkVishnya: Banks attacked through direct connection to local network
https://securelist.com/darkvishnya/89169/

SNDBOX: AI-Powered Online Automated Malware Analysis Platform
https://thehackernews.com/2018/12/sndbox-malware-analysis-tool.html

Botnet of Infected WordPress Sites Attacking WordPress Sites
https://www.wordfence.com/blog/2018/12/wordpress-botnet-attacking-wordpress/

Ukraine’s SBU: Russia carried out a cyberattack on Judiciary Systems
https://securityaffairs.co/wordpress/78726/cyber-warfare-2/sbu-russia-cyber-attack.html

Intro to NFC Payment Relay Attacks
https://salmg.net/2018/12/01/intro-to-nfc-payment-relay-attacks/

CERT-SE i veckan

CERT-SE uppmanar drabbade av nätfiske att höra av sig

Säkerhetsuppdateringar från Apple

0-day i Adobe Flash Player

Kritiska sårbarheter i Kubernetes OpenShift produkter och tjänster

0-day i NUUO videoövervakningssystem