Som du ser är vår webbplats inte anpassad för äldre webbläsare. Vi rekommenderar att du uppgraderar till en nyare webbläsare.
!!

CERT-SE växer. Nu finns två jobbannonser ute: it-säkerhetsspecialist och junior systemadministratör.

Publicerad - Veckobrev

CERT-SE:s veckobrev v.10

Fredag igen, CERT-SE önskar trevlig helg!

Nyheter i veckan

The Prototype iPhones That Hackers Use to Research Apple’s Most Sensitive Code
https://motherboard.vice.com/en_us/article/gyakgw/the-prototype-dev-fused-iphones-that-hackers-use-to-research-apple-zero-days

Cloudflare Deploys Firewall Rule to Block New Drupal Exploits
https://www.bleepingcomputer.com/news/security/cloudflare-deploys-firewall-rule-to-block-new-drupal-exploits/

Ransomware warning: The gang behind this virulent malware just changed tactics again
https://www.zdnet.com/article/ransomware-warning-the-gang-behind-this-virulent-malware-just-changed-tactics-again/#ftag=RSSbaffb68

NSA Releases GHIDRA 9.0 — Free, Powerful Reverse Engineering Tool
https://thehackernews.com/2019/03/ghidra-reverse-engineering-tool.html

Smart alarms left 3 million cars vulnerable to hackers who could turn off motors
https://www.cnet.com/news/smart-alarms-left-3m-cars-vulnerable-to-hackers-who-could-turn-off-motors/

SPOILER alert, literally: Intel CPUs afflicted with simple data-spewing spec-exec vulnerability
https://www.theregister.co.uk/2019/03/05/spoiler_intel_flaw

Cisco Talos Honeypot Analysis Reveals Rise in Attacks on Elasticsearch Clusters
https://blog.talosintelligence.com/2019/02/cisco-talos-honeypot-analysis-reveals.html

Campaigns Delivering More_eggs Backdoor via Fake Job Offers
https://www.proofpoint.com/us/threat-insight/post/fake-jobs-campaigns-delivering-moreeggs-backdoor-fake-job-offers/

Ransomware Pretends to Be Proton Security Team Securing Data From Hackers
https://www.bleepingcomputer.com/news/security/ransomware-pretends-to-be-proton-security-team-securing-data-from-hackers/

Smart Ski Helmet Headphone Flaws Leak Personal, GPS Data
https://threatpost.com/smart-ski-helmet-headphone-flaws-leak-personal-gps-data/142456/

Ransomware attack on Israeli users fails miserably due to coding error
https://www.zdnet.com/article/ransomware-attack-on-israeli-users-fails-miserably-due-to-coding-error/#ftag=RSSbaffb68

EU recalls children's smartwatch over data fears
https://www.theguardian.com/technology/2019/feb/05/eu-recalls-childrens-smartwatch-over-data-fears

No More Passwords? WebAuthn Becomes an Official Web Standard
https://www.securitymagazine.com/articles/89958-no-more-passwords-webauthn-becomes-an-official-web-standard

Jokeroo Ransomware-as-a-Service Offers Multiple Membership Packages
https://www.bleepingcomputer.com/news/security/jokeroo-ransomware-as-a-service-offers-multiple-membership-packages/

DIY

How to Find Active VPN Connection in the Memory Dump
https://habr.com/en/post/442590/

Penetration Testing Active Directory, Part I
https://hausec.com/2019/03/05/penetration-testing-active-directory-part-i/

GPS uses 10 bits to store the week. That means it runs out... oh heck – April 6, 2019
https://www.theregister.co.uk/2019/02/12/current_gps_epoch_ends/

CERT-SE i veckan

Allvarliga sårbarheter i Cisco-produkter

Kritisk sårbarhet i Google Chrome utnyttjas aktivt.

0-day sårbarhet i HP Enterprise Intelligent Management Center