Published
CERT-SE's weekly newsletter, week 48
Gimme, gimme, gimme da weekly newsletter.
Noted this week
The incomplete Dirty COW patch
https://medium.com/bindecy/huge-dirty-cow-cve-2017-1000405-110eca132de0
Why does man print “gimme gimme gimme” at 00:30?
https://unix.stackexchange.com/questions/405783/why-does-man-print-gimme-gimme-gimme-at-0030/405874
Virtual System Forensics
https://www.sans.org/reading-room/whitepapers/bestprac/exploring-effectiveness-approaches-discovering-acquiring-virtualized-servers-esxi-38155
Vulnerability Walkthrough: 7zip CVE-2016-2334 HFS+ Code Execution Vulnerability
http://blog.talosintelligence.com/2017/11/exploiting-cve-2016-2334.html#more
Let's celebrate Donald Knuth
http://knuth80.elfbrink.se/
RAT Distributed Via Google Drive Targets East Asia
https://threatpost.com/rat-distributed-via-google-drive-targets-east-asia/129047/
Persistent drive-by cryptomining coming to a browser near you
https://blog.malwarebytes.com/cybercrime/2017/11/persistent-drive-by-cryptomining-coming-to-a-browser-near-you/
Cryptocurrency Mining Scripts Now Run Even After You Close Your Browser
https://thehackernews.com/2017/11/cryptocurrency-mining-javascript.html
Should Social Media be Considered Part of Critical Infrastructure?
http://www.securityweek.com/should-social-media-be-considered-part-critical-infrastructure
Damned Insecure REST API
https://github.com/payatu/Tiredful-API/blob/master/README.md
Linux Expl0rer - Easy-to-use live forensics toolbox for Linux endpoints written in Python & Flask.
https://github.com/intezer/linux-explorer
Symmetric crypto with forward secrecy using two yubikeys
https://paranoidbeavers.ca/spy-stuff.html
JAWS - Just Another Windows (Enum) Script
https://411hall.github.io/JAWS-Enumeration/
CERT-SE this week
macOS High Sierra security update