Published
CERT-SE's weekly newsletter, week 49
Before we know it, it is Friday again. As tradition dictates, we put together this week's compote of web links.
News this week
A Guide to Make Shopping for Connected Gifts Safer, Easier, and Way More Fun
https://advocacy.mozilla.org/en-US/privacynotincluded
ProtonMail Bridge offers encryption for your desktop email client
https://protonmail.com/blog/thunderbird-outlook-encrypted-email/
Bell is leading the push to end Canadian Net Neutrality
https://boingboing.net/2017/12/05/piracyfinder-general-2.html
Germany Preparing Law for Backdoors in Any Type of Modern Device
https://www.bleepingcomputer.com/news/government/germany-preparing-law-for-backdoors-in-any-type-of-modern-device/
Intel Management Engine pwned by buffer overflow
https://www.theregister.co.uk/2017/12/06/intel_management_engine_pwned_by_buffer_overflow/
Deep dive into Intel Management Engine disablement
https://puri.sm/posts/deep-dive-into-intel-me-disablement/
Computer vendors start disabling Intel Management Engine
http://www.zdnet.com/article/computer-vendors-start-disabling-intel-management-engine/
https://liliputing.com/2017/12/dell-also-sells-laptops-intel-management-engine-disabled.html
A 3-in-1 Security Incident Response Platform for SOCs, CSIRTs, CERTs
https://isc.sans.edu/forums/diary/IR+using+the+Hive+Project/23099/
Mailsploit Makes it Easier to Spoof From Headers in E-Mails
https://www.mailsploit.com
Visualise Event Logs to Identify Compromised Accounts - LogonTracer -
http://blog.jpcert.or.jp/2017/11/visualise-event-logs-to-identify-compromised-accounts---logontracer-.html
Sysinternals Sysmon suspicious activity guide
https://blogs.technet.microsoft.com/motiba/2017/12/07/sysinternals-sysmon-suspicious-activity-guide/
How I’ve captured all passwords trying to ssh into my server!
https://hackernoon.com/how-ive-captured-all-passwords-trying-to-ssh-into-my-server-d26a2a6263ec
Andromeda botnet dismantled in international cyber operation
https://www.europol.europa.eu/newsroom/news/andromeda-botnet-dismantled-in-international-cyber-operation
https://www.recordedfuture.com/ar3s-behind-andromeda/
Anti-Skimmer Detector for Skimmer Scammers
https://krebsonsecurity.com/2017/12/anti-skimmer-detector-for-skimmer-scammers/
MacOS Update Accidentally Undoes Apple's "Root" Bug Patch
https://www.wired.com/story/macos-update-undoes-apple-root-bug-patch/
Thousands of Serial-To-Ethernet Devices Leak Telnet Passwords
https://www.bleepingcomputer.com/news/security/thousands-of-serial-to-ethernet-devices-leak-telnet-passwords/
Young Hacker, Who Took Over Jail Network to Get Friend Released Early, Faces Prison
https://thehackernews.com/2017/12/hacking-jail-records.html
TeamViewer Vulnerability Lets Attackers Take Full Control of PCs
https://www.hackread.com/teamviewer-vulnerability-full-pc-control/
He builds space films on the laws of physics
https://sverigesradio.se/sida/avsnitt/987792?programid=412
Older but still good
An SDR tool for Eavesdropping on Computer Screens via Unintentionally Radiated RF
https://www.rtl-sdr.com/tempestsdr-a-sdr-tool-for-eavesdropping-on-computer-screens-via-unintentionally-radiated-rf/
πfs: Never worry about data again!
https://github.com/philipl/pifs
Surveillance Self-Defense
https://ssd.eff.org/
Have a nice weekend, with music
Remote app for Android and iOS allows remote attackers to impersonate users
https://nvd.nist.gov/vuln/detail/CVE-2017-14487
And a catchy tune to go with it.
https://www.youtube.com/watch?v=mxQZfroLPmk
CERT-SE this week
Google fixes vulnerabilities in Chrome (Stable Channel)