Som du ser är vår webbplats inte anpassad för äldre webbläsare. Vi rekommenderar att du uppgraderar till en nyare webbläsare.

Publicerad - Veckobrev

CERT-SE:s veckobrev v.20

Veckans urplock av cybersäkerhetslänkar

Oh, great, now there's a SECOND remote Rowhammer exploit
https://www.theregister.co.uk/2018/05/17/nethammer_second_remote_rowhammer_exploit/

A flaw in a connected alarm system exposed vehicles to remote hacking
https://www.zdnet.com/article/flaw-connected-alarm-system-exposed-vehicles-remote-hacking/

Fake Malwarebytes helpline scammer caught in the act
https://blog.malwarebytes.com/cybercrime/2018/05/fake-malwarebytes-helpline-scammer-caught-act/

Alexa, Siri and Google can be tricked by commands you can’t hear
https://nakedsecurity.sophos.com/2018/05/17/alexa-siri-and-google-can-be-tricked-by-commands-you-cant-hear/

Hackers siphon hundreds of millions of pesos out of Mexican banks through shadow transactions
https://www.tripwire.com/state-of-security/featured/hackers-siphon-hundreds-of-millions-of-pesos-out-of-mexican-banks-through-shadow-transactions/

Vega Stealer malware steals passwords & card data from Chrome & Firefox
https://www.hackread.com/vega-stealer-malware-steals-passwords-from-chrome-firefox/

Brutal cryptocurrency mining malware crashes your PC when discovered
https://www.zdnet.com/article/brutal-cryptominer-crashes-your-pc-when-discovered/

The worst Google scams and how to avoid them
http://www.itpro.co.uk/web-browser/31112/the-worst-google-scams-and-how-to-avoid-them

Adobe Reader zero-day discovered alongside Windows vulnerability
https://blog.malwarebytes.com/threat-analysis/2018/05/adobe-reader-zero-day-discovered-alongside-windows-vulnerability/

Attackers Use UPnP to Sidestep DDoS Defenses
https://threatpost.com/attackers-use-upnp-to-sidestep-ddos-defenses/131981/

Police dog sniffs out USB drive to snare school hacker
https://nakedsecurity.sophos.com/2018/05/15/police-dog-sniffs-out-usb-drive-to-snare-school-hacker/

"Wicked" Variant of Mirai Botnet Emerges
https://www.securityweek.com/wicked-variant-mirai-botnet-emerges

TeleGrab - Grizzly Attacks on Secure Messaging
https://blog.talosintelligence.com/2018/05/telegrab.html

DHS Publishes New Cybersecurity Strategy
https://www.securityweek.com/dhs-publishes-new-cybersecurity-strategy

CloudScraper: Tool to enumerate targets in search of cloud resources. S3 Buckets, Azure Blobs, Digital Ocean Storage Space
https://github.com/jordanpotti/CloudScraper

CERT-SE i veckan

Kritiska sårbarheter i Cisco-produkter

Allvarliga sårbarheter i Red Hat DHCP-klient upptäckta

Kritiska sårbarheter i produkter från Adobe rättade

Sårbarheter i hur e-postklienter hanterar OpenPGP och S/MIME