Som du ser är vår webbplats inte anpassad för äldre webbläsare. Vi rekommenderar att du uppgraderar till en nyare webbläsare.

Publicerad - Veckobrev

CERT-SE:s veckobrev v.16

Den här veckan blir det med anledning av påsken en äggstra tidig utgivning av veckobrevet.

Trevlig påsk önskar CERT-SE, och se upp för häXXorna!

Nyheter i veckan

Dragonblood: Data-leaking flaw in WPA3 Wi-Fi authentication
https://nakedsecurity.sophos.com/2019/04/15/dragonblood-data-leaking-flaw-in-wpa3-wi-fi-authentication/

Bruteforce bot recruitment uses GoBrut malware on content management systems
https://www.scmagazineuk.com/bruteforce-bot-recruitment-uses-gobrut-malware-content-management-systems/article/1582064

Scranos rootkit expands operations from China to the rest of the world
https://www.zdnet.com/article/scranos-rootkit-expands-operations-from-china-to-the-rest-of-the-world/

Experts: Breach at IT Outsourcing Giant Wipro
https://krebsonsecurity.com/2019/04/experts-breach-at-it-outsourcing-giant-wipro/

FRA:s Cyberförsvarspodden
http://cyberforsvarspodden.podbean.com/

Lösenordshanterare löser dina lösenordsproblem
https://internetstiftelsen.se/losenordshanterare-loser-dina-losenordsproblem/

A security researcher with a grudge is dropping Web 0days on innocent users
https://arstechnica.com/information-technology/2019/04/a-security-researcher-with-a-grudge-is-dropping-web-0days-on-innocent-users/

Mysterious Hackers Hid Their Swiss Army Spyware for 5 Years
https://www.wired.com/story/tajmahal-swiss-army-spyware-apt/

DHS alerts industry to insecure enterprise VPN apps
https://www.cyberscoop.com/dhs-alert-enterprise-vpn-cisco-f5-palo-alto-networks/

A hacker has dumped nearly one billion user records over the past two months
https://www.zdnet.com/article/a-hacker-has-dumped-nearly-one-billion-user-records-over-the-past-two-months/

Fortinet settles charges of selling intentionally mislabeled Chinese-made tech to U.S. military
https://www.cyberscoop.com/fortinet-legal-settlement-china-us-military/

Hackers used credentials of a Microsoft Support worker to access users’ webmail
https://www.helpnetsecurity.com/2019/04/16/microsoft-webmail-services-unauthorized-access/

TicTocTrack Smartwatch Flaws Can Be Abused to Track Kids
https://threatpost.com/tictoctrack-smartwatch-flaws-track-kids/143791/

Open Source Tool From FireEye Automates Analysis of Flash Files
https://www.securityweek.com/open-source-tool-fireeye-automates-analysis-flash-files

CERT-SE i veckan

Sårbarhet i Confluence utnyttjas aktivt.

Oracle Critical Patch Update