Som du ser är vår webbplats inte anpassad för äldre webbläsare. Vi rekommenderar att du uppgraderar till en nyare webbläsare.

Publicerad - Veckobrev

CERT-SE:s veckobrev v.38

Tid att läsa igenom veckans länksamling.

Nyheter i veckan

Equifax: America’s In-Credible Insecurity
http://icitech.org/wp-content/uploads/2017/09/ICIT-Analysis-Equifax-Americas-In-Credible-Insecurity-Part-One.pdf

a-PATCH-e: Struts Vulnerabilities Run Rampant
https://blog.trendmicro.com/trendlabs-security-intelligence/apache-struts-vulnerabilities-run-rampant/

Equifax fooled again! Blundering credit biz directs hack attack victims to parody site
https://www.theregister.co.uk/2017/09/21/equifax_fooled_again_company_teets_out_links_to_website_parodying_it/

CCleanup: A Vast Number of Machines at Risk
https://blog.talosintelligence.com/2017/09/avast-distributes-malware.html

CCleaner Command and Control Causes Concern
https://blog.talosintelligence.com/2017/09/ccleaner-c2-concern.html

Apache “Optionsbleed” vulnerability – what you need to know
https://nakedsecurity.sophos.com/2017/09/19/apache-optionsbleed-vulnerability-what-you-need-to-know/

BSides Augusta 2017 Videos
https://www.youtube.com/playlist?list=PLEJJRQNh3v_PQEsZ8R7H6xKe9Bkg_KnVC

Number of lost, stolen or compromised records increased by 164%
https://www.helpnetsecurity.com/2017/09/20/lost-stolen-compromised-records/

Kernel Exploitation
http://resources.infosecinstitute.com/windows-kernel-exploitation-part-1/
http://resources.infosecinstitute.com/kernel-exploitation-part-2/
http://resources.infosecinstitute.com/kernel-exploitation-part-3/

Here’s How Hackers Can Hijack Your Online Bitcoin Wallets
https://thehackernews.com/2017/09/hacking-bitcoin-wallets.html

Achieve Scalable Anonymous Communication With Loopix
https://themerkle.com/achieving-scalable-anonymous-communication-with-loopix/

0x00sec Programming Tutorials
https://0x00sec.org/c/programming/tutorials

Iranian APT33 Targets US Firms with Destructive Malware
https://threatpost.com/iranian-apt33-targets-us-firms-with-destructive-malware/128074/

SIP-Based Audit and Attack Tool - Mr.SIP
http://www.ehacking.net/2017/09/sip-based-audit-and-attack-tool-mrsip.html

Hacking into Internet Connected Light Bulbs
https://www.contextis.com/blog/hacking-into-internet-connected-light-bulbs

Hackers hold entire school district to ransom
https://nakedsecurity.sophos.com/2017/09/21/hackers-holds-entire-school-district-to-ransom/

The UK government asked WhatsApp to built a Backdoor in its systems but the Company declined it
https://latesthackingnews.com/2017/09/22/uk-government-asked-whatsapp-built-backdoor-systems-company-declined/

Locky Unleashes Multiple Spam Waves with a New Variant “ykcol“
https://blog.fortinet.com/2017/09/21/locky-unleashes-multiple-spam-waves-with-a-new-variant-ykcol

CERT-SE i veckan

Apple iOS 11 rättar allvarliga säkerhetsbrister

Sårbarheter i Cisco-produkter

CCleaner infekterad

CERT-SE tekniska råd med anledning av det aktuella dataintrångsfallet (B 8322-16)