Som du ser är vår webbplats inte anpassad för äldre webbläsare. Vi rekommenderar att du uppgraderar till en nyare webbläsare.
!!

CERT-SE växer. Nu finns två jobbannonser ute: it-säkerhetsspecialist och systemadministratör.

Publicerad - Veckobrev

CERT-SE:s veckobrev v.50

Ingenting kan stoppa att vi rör oss mot juletider och tomtens bod är laddad med klappar.

Veckans ho ho ho

Advanced Calendar of Advent Cyber Fail 2018
http://xmas.rip/

SJ-system hackat – samtliga lösenord byts
https://www.svt.se/nyheter/inrikes/sj-system-hackat-samtliga-losenord-byts

Exklusiv miljonärsklubb hackad – personuppgifter på vift
https://techworld.idg.se/2.2524/1.711965/exklusiv-miljonarsklubb-hackad

EU negotiators agree on strengthening Europe's cybersecurity
https://ec.europa.eu/commission/news/cybersecurity-act-2018-dec-11_en

Op 'Sharpshooter' Uses Lazarus Group Tactics, Techniques, and Procedures
https://www.bleepingcomputer.com/news/security/op-sharpshooter-uses-lazarus-group-tactics-techniques-and-procedures/

Android Trojan steals money from PayPal accounts even with 2FA on
https://www.welivesecurity.com/2018/12/11/android-trojan-steals-money-paypal-accounts-2fa/

Dear Joohn: The Sofacy Group’s Global Campaign
https://researchcenter.paloaltonetworks.com/2018/12/dear-joohn-sofacy-groups-global-campaign/

Every moment of every day, mobile phone apps collect detailed location data
https://www.nytimes.com/interactive/2018/12/10/business/location-data-privacy-apps.html

For the fourth month in a row, Microsoft patches Windows zero-day used in the wild
https://www.zdnet.com/article/for-the-fourth-month-in-a-row-microsoft-patches-windows-zero-day-used-in-the-wild/

A New Google+ Blunder Exposed Data From 52.5 Million Users
https://www.wired.com/story/google-plus-bug-52-million-users-data-exposed/

ESET discovers 21 new Linux malware families
https://www.zdnet.com/article/eset-discovers-21-new-linux-malware-families/

Iranian phishers bypass 2fa protections offered by Yahoo Mail and Gmail
https://arstechnica.com/information-technology/2018/12/iranian-phishers-bypass-2fa-protections-offered-by-yahoo-mail-and-gmail/

New secured phishing site goes up every two minutes
https://www.scmagazine.com/home/security-news/threat-actors-are-playing-by-the-rules-or-at-least-tricking-your-browser-into-thinking-they-are-in-order-to-deliver-more-effective-attacks/

Over 40,000 credentials for government portals found online
https://www.zdnet.com/article/over-40000-credentials-for-government-portals-found-online/

50 CVEs in 50 Days: Fuzzing Adobe Reader
https://research.checkpoint.com/50-adobe-cves-in-50-days/

New Exploit Kit “Novidade” Found Targeting Home and SOHO Routers
https://blog.trendmicro.com/trendlabs-security-intelligence/new-exploit-kit-novidade-found-targeting-home-and-soho-routers/

CERT-SE i veckan

Google rättar sårbarheter i Chrome (Stable Channel)

Säkerhetsuppdatering släppt för WordPress

Kritiska sårbarheter i Adobe Acrobat and Reader

Microsofts månatliga säkerhetsuppdateringar för december 2018