Som du ser är vår webbplats inte anpassad för äldre webbläsare. Vi rekommenderar att du uppgraderar till en nyare webbläsare.
!!

CERT-SE växer. Vi har fyra jobbannonser ute just nu: Desk och junior it-säk senast 5 maj. Operativ koordinator och intrångsdetektion senast 12 maj.

Publicerad - Veckobrev

CERT-SE:s veckobrev v.05

Lagom till helgmyset levereras här nu en ny kollektion av länkar i form av CERT-SE:s veckobrev.
Trevlig helg!

Nyheter i veckan

DNS flag day
https://dnsflagday.net/

ENISA Threat Landscape Report 2018
https://www.enisa.europa.eu/publications/enisa-threat-landscape-report-2018

Årsrapport från FRA
https://www.fra.se/nyheter/nyhetsarkiv/news/arsrapportenfor2018publicerad.5.69cf97cd167832fc038242.html

Ethical Hacker Exposes Magyar Telekom Vulnerabilities, Faces 8 Years in Jail
https://www.bleepingcomputer.com/news/security/ethical-hacker-exposes-magyar-telekom-vulnerabilities-faces-8-years-in-jail/

coTURN Administrator Web Portal SQL injection vulnerability
https://www.talosintelligence.com/vulnerability_reports/TALOS-2018-0730

Semi-automatic OSINT framework and package manager
https://github.com/kpcyrd/sn0int

Japanese Government Will Hack Citizens' IoT Devices
https://www.schneier.com/blog/archives/2019/01/japanese_govern.html

Airbus data breach impacts employees in Europe
https://www.zdnet.com/article/airbus-data-breach-impacts-employees-in-europe/

Hackers Are Passing Around a Megaleak of 2.2 Billion Records
https://www.wired.com/story/collection-leak-usernames-passwords-billions/

Three Charged for Working With Serial Swatter
https://krebsonsecurity.com/2019/01/three-charged-for-working-with-serial-swatter/

Mac malware found stealing cryptocurrency
https://www.macworld.co.uk/news/mac-software/cookieminer-cryptocurrency-3691489/

The Cobalt Strike advanced persistent threat (APT) group is using Google App Engine to spread PDF malware against financial firms.
https://www.hackread.com/hackers-abusing-google-app-engine-to-spread-pdf-malware/

UAE used cyber super-weapon to spy on iPhones of foes
https://www.reuters.com/article/us-usa-spying-karma-exclusive/exclusive-uae-used-cyber-super-weapon-to-spy-on-iphones-of-foes-idUSKCN1PO1AN

How I abused 2FA to maintain persistence after a password change (Google, Microsoft, Instagram, Cloudflare, etc)
https://medium.com/@lukeberner/how-i-abused-2fa-to-maintain-persistence-after-a-password-change-google-microsoft-instagram-7e3f455b71a1

Google Pulls Data-Chugging App From iOS Devices
https://threatpost.com/google-pulls-data-chugging-app-from-ios-devices/141358/

Data of 14,200 diagnosed with HIV in Singapore leaked online
https://www.zdnet.com/article/data-of-14200-diagnosed-with-hiv-in-singapore-leaked-online/

Authorities across the world going after users of biggest DDoS-for-hire website
https://www.europol.europa.eu/newsroom/news/authorities-across-world-going-after-users-of-biggest-ddos-for-hire-website

CERT-SE i veckan

Skydda er information i DNS

Apples facetime medger avlyssning

0-day i Microsoft Exchange 2013 och senare [Uppdaterad]