Som du ser är vår webbplats inte anpassad för äldre webbläsare. Vi rekommenderar att du uppgraderar till en nyare webbläsare.

Publicerad - Veckobrev

CERT-SE:s veckobrev v.14

Trevlig helg önskar CERT-SE!

Nyheter i veckan

Huawei laptop 'backdoor' flaw raises concerns
https://www.bbc.com/news/technology-47800000

540 Million Facebook User Records Found On Unprotected Amazon Servers
https://thehackernews.com/2019/04/facebook-app-database.html

Facebook is partnering with a big UK newspaper to publish sponsored articles downplaying 'technofears' and praising the company
https://nordic.businessinsider.com/facebook-daily-telegraph-positive-sponsored-news-stories-2019-4

Unpatched Zero-Days in Microsoft Edge and IE Browsers Disclosed Publicly
https://thehackernews.com/2019/03/microsoft-edge-ie-zero-days.html

Fake AV is Back: LaCie Network Drives Used to Spread Malware
https://isc.sans.edu/forums/diary/Fake+AV+is+Back+LaCie+Network+Drives+Used+to+Spread+Malware/24802/

93% of Paint Splatters are Valid Perl Programs
http://colinm.org/sigbovik/

Ongoing DNS hijackings target unpatched consumer routers
https://arstechnica.com/information-technology/2019/04/ongoing-dns-hijackings-target-unpatched-consumer-routers/

Exodus: New Android Spyware Made in Italy
https://securitywithoutborders.org/blog/2019/03/29/exodus.html

NSA Releases GHIDRA Source Code
https://www.nsa.gov/resources/everyone/ghidra/

Nästan 300 it-incidentrapporter från statliga myndigheter 2018 – men fler kan rapportera mer
https://www.msb.se/sv/Om-MSB/Nyheter-och-press/Nyheter/Nyheter-fran-MSB/Nastan-300-it-incidentrapporter-fran-statliga-myndigheter-2018--men-fler-kan-rapportera-mer/

Microsoft Bounty Program Updates: Faster bounty review, faster payments, and higher rewards
https://blogs.technet.microsoft.com/msrc/2019/04/02/microsoft-bounty-program-updates-faster-bounty-review-faster-payments-and-higher-rewards/

The Different Types of XSS Explained With Code Examples
https://dzone.com/articles/the-different-types-of-xss-explained-with-code-exa

OceanLotus APT Uses Steganography to Shroud Payloads
https://threatpost.com/oceanlotus-apt-uses-steganography-to-shroud-payloads/143373/

Mapping Out a Malware Distribution Network
https://www.bromium.com/mapping-malware-distribution-network/

In its ransomware response, Norsk Hydro is an example for us all
https://www.grahamcluley.com/in-its-ransomware-response-norsk-hydro-is-an-example-for-us-all/

Assessing Unikernel Security
https://www.nccgroup.trust/us/our-research/assessing-unikernel-security/

CERT-SE i veckan

Allvarliga sårbarheter i Cisco-produkter (uppdaterad)

Sårbarheter i Apache httpd

MSB:s årsrapport för it-incidentrapportering 2018