Som du ser är vår webbplats inte anpassad för äldre webbläsare. Vi rekommenderar att du uppgraderar till en nyare webbläsare.

Publicerad - Veckobrev

CERT-SE:s veckobrev v.38

cert_se_önskar.f PRINT *, "Trevlig helg!" END

Nyheter i veckan

Microsoft Extending End of Support for Exchange Server 2010 to October 13th, 2020
https://techcommunity.microsoft.com/t5/Exchange-Team-Blog/Microsoft-Extending-End-of-Support-for-Exchange-Server-2010-to/ba-p/753591

Password-exposing bug purged from LastPass extensions
https://arstechnica.com/information-technology/2019/09/lastpass-fixes-bug-that-leaked-the-password-of-last-logged-in-account/

SOHOpelessly Broken 2.0
https://www.securityevaluators.com/whitepaper/sohopelessly-broken-2/

New Clues Show How Russia’s Grid Hackers Aimed for Physical Destruction
https://www.wired.com/story/russia-ukraine-cyberattack-power-grid-blackout-destruction/

Most Cyber Attacks Focus on Just Three TCP Ports
https://www.bleepingcomputer.com/news/security/most-cyber-attacks-focus-on-just-three-tcp-ports/

Skidmap Linux Malware Uses Rootkit Capabilities to Hide Cryptocurrency-Mining Payload
https://blog.trendmicro.com/trendlabs-security-intelligence/skidmap-linux-malware-uses-rootkit-capabilities-to-hide-cryptocurrency-mining-payload/

New hacking group targets IT companies in first stage of supply chain attacks
https://www.zdnet.com/article/cybersecurity-new-hacking-group-targets-it-companies-in-supply-chain-attack-campaign/

Phishing Attack Targets The Guardian's Whistleblowing Site
https://www.bleepingcomputer.com/news/security/phishing-attack-targets-the-guardians-whistleblowing-site/

Database leaks data on most of Ecuador's citizens, including 6.7 million children
https://www.zdnet.com/article/database-leaks-data-on-most-of-ecuadors-citizens-including-6-7-million-children/

Millions of Americans’ Medical Images and Data Are Available on the Internet. Anyone Can Take a Peek
https://www.propublica.org/article/millions-of-americans-medical-images-and-data-are-available-on-the-internet

Google Calendar Settings Gaffes Exposes Users’ Meetings, Company Details
https://threatpost.com/google-calendar-settings-gaffes-exposes-users-meetings-company-details/148384/

iPhone lockscreen bypass: iOS 13 tricked into showing your contacts
https://nakedsecurity.sophos.com/2019/09/16/iphone-lockscreen-bypass-ios-13-tricked-into-showing-your-contacts/

Google fixes Chromebook 2FA flaw in ‘built-in security key
https://nakedsecurity.sophos.com/2019/09/16/google-fixes-chromebook-2fa-flaw-in-built-in-security-key/

AMD ATI Radeon ATIDXX64.DLL shader functionality remote code execution vulnerability
https://blog.talosintelligence.com/2019/09/vuln-spotlight-AMD-Radeon-ATI-sept-19.html

2019 CWE Top 25 Most Dangerous Software Errors
https://cwe.mitre.org/top25/archive/2019/2019_cwe_top25.html

Securing software, together
https://github.blog/2019-09-18-securing-software-together/

CERT-SE i veckan