Som du ser är vår webbplats inte anpassad för äldre webbläsare. Vi rekommenderar att du uppgraderar till en nyare webbläsare.

Publicerad - Veckobrev

CERT-SE:s veckobrev v.37

Trevlig helg önskar CERT-SE och att triskaidekafobin inte blir för stor!

Nyheter i veckan

Initial Metasploit Exploit Module for BlueKeep (CVE-2019-0708)
https://blog.rapid7.com/2019/09/06/initial-metasploit-exploit-module-for-bluekeep-cve-2019-0708/

Intel server-grade CPUs impacted by new NetCAT attack
https://www.zdnet.com/article/intel-server-grade-cpus-impacted-by-new-netcat-attack/

ESET discovered an undocumented backdoor used by the infamous Stealth Falcon group
https://www.welivesecurity.com/2019/09/09/backdoor-stealth-falcon-group/

Microsoft Phishing Page Uses Captcha to Bypass Automated Detection
https://www.bleepingcomputer.com/news/security/microsoft-phishing-page-uses-captcha-to-bypass-automated-detection/

Hackerne i Hydro-saken planla flere cyberangrep
https://www.aftenposten.no/norge/i/b5o3yA/Hackerne-i-Hydro-saken-planla-flere-cyberangrep

What is WannaCry?
https://www.itpro.co.uk/wannacry/34352/what-is-wannacry

Microsoft, Hewlett Foundation preparing to launch nonprofit that calls out cyberattacks
https://www.cyberscoop.com/microsoft-cyber-peace-institute-hewlitt-foundation-brad-smith/

Cyberattack Disrupted Firewalls at U.S. Power Utility
https://www.securityweek.com/cyberattack-disrupted-firewalls-us-power-utility

Multiple Vulnerabilities in Comba and D-Link Routers
https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/multiple-vulnerabilities-in-comba-and-d-link-routers/

Uncovering IoT Threats in the Cybercrime Underground
https://www.trendmicro.com/vinfo/us/security/news/cybercrime-and-digital-threats/the-internet-of-things-in-the-cybercrime-underground

Telnet Backdoor Opens More Than 1M IoT Radios to Hijack
https://threatpost.com/million-iot-radios-hijack-telnet-backdoor/148123/

Sunsetting Python 2
https://www.python.org/doc/sunset-python-2/

DNS-special

What’s next in making Encrypted DNS-over-HTTPS the Default
https://blog.mozilla.org/futurereleases/2019/09/06/whats-next-in-making-dns-over-https-the-default/

Experimenting with same-provider DNS-over-HTTPS upgrade
https://blog.chromium.org/2019/09/experimenting-with-same-provider-dns.html

PsiXBot Now Using Google DNS over HTTPS and Possible New Sexploitation Module
https://www.proofpoint.com/us/threat-insight/post/psixbot-now-using-google-dns-over-https-and-possible-new-sexploitation-module

Blocking Firefox DoH with Bind
https://isc.sans.edu/forums/diary/Blocking+Firefox+DoH+with+Bind/25316/

CERT-SE i veckan

Microsofts månatliga säkerhetsuppdateringar för september 2019

Säkerhetsuppdateringar för Adobe-produkter