Som du ser är vår webbplats inte anpassad för äldre webbläsare. Vi rekommenderar att du uppgraderar till en nyare webbläsare.
!!

CERT-SE växer. Vi har fyra jobbannonser ute just nu: Desk och junior it-säk senast 5 maj. Operativ koordinator och intrångsdetektion senast 12 maj.

Publicerad - Veckobrev

CERT-SE:s veckobrev v.03

CERT-SE önskar trevlig helg med noga utvalda nyheter!

Nyheter i veckan

New Android Malware Apps Use Motion Sensor to Evade Detection
https://thehackernews.com/2019/01/android-malware-play-store.html

Eight months after discovery, unkillable LoJax rootkit campaign remains active
https://arstechnica.com/information-technology/2019/01/8-months-after-its-discovery-unkillable-lojax-rootkit-campaign-remains-active/

Why is my keyboard connected to the cloud?
https://www.zdnet.com/article/why-is-my-keyboard-connected-to-the-cloud/

Major Security Breach Discovered Affecting Nearly Half of All Airline Travelers Worldwide
https://www.safetydetective.com/blog/major-security-breach-discovered-affecting-nearly-half-of-all-airline-travelers-worldwide/

Fortnite Hacked Via Insecure Single Sign-On
https://threatpost.com/fortnite-hacked-via-insecure-single-sign-on/140913/

Unprotected server of Oklahoma Department of Securities exposes millions of government files
https://securityaffairs.co/wordpress/79983/data-breach/oklahoma-department-securities-data-leak.html

Snorpy a Web Base Tool to Build Snort/Suricata Rules
https://isc.sans.edu/forums/diary/Snorpy+a+Web+Base+Tool+to+Build+SnortSuricata+Rules/24522/

Count the number of people around you by monitoring wifi signals
https://github.com/schollz/howmanypeoplearearound

Some of the biggest web hosting sites were vulnerable to simple account
takeover hacks
https://techcrunch.com/2019/01/14/web-hosting-account-hacks/

A new cryptojacking tactic that involves Wikipedia and downloaded movie
files has been discovered
https://cryptomenow.com/a-new-cryptojacking-tactic-that-involves-wikipedia-and-downloaded-movie-files-has-been-discovered/

Thoughts on the MSI/JAR Authenticode Bypass
https://wwws.nightwatchcybersecurity.com/2019/01/16/thoughts-on-the-msi-jar-authenticode-bypass/

Microsoft LAPS - Blue Team / Red Team
https://isc.sans.edu/diary/Microsoft+LAPS+-+Blue+Team++Red+Team/24528

The 773 Million Record "Collection #1" Data Breach
https://www.troyhunt.com/the-773-million-record-collection-1-data-reach/

Announcing the Microsoft Azure DevOps Bounty program
https://blogs.technet.microsoft.com/msrc/2019/01/17/azure-devops-bounty-program/

CERT-SE i veckan

0-day sårbarhet i Windows hantering av visit- och kontaktkortsfiler

Oracle Critical Patch Update