![[CERT-SE]](/static/img/cert-se.svg)
![[MSB]](/static/img/msb.svg)
Publicerad
CERT-SE:s veckobrev v.46
Veckans cyberheter
Container Malware: Miners Go Docker Hunting In The Cloud
https://forums.juniper.net/t5/Threat-Research/Container-Malware-Miners-Go-Docker-Hunting-In-The-Cloud/ba-p/400587
Firefox Monitor Launches in 26 Languages and Adds New Desktop Browser Feature
https://blog.mozilla.org/blog/2018/11/14/firefox-monitor-launches-in-26-languages-and-adds-new-desktop-browser-feature/
Botnet pwns 100,000 routers using ancient security flaw
https://nakedsecurity.sophos.com/2018/11/12/botnet-pwns-100000-routers-using-ancient-security-flaw/
Attackers exploit GDPR compliance plug-in for WordPress
https://www.scmagazine.com/home/security-news/attackers-exploit-gdpr-compliance-plug-in-for-wordpress/
HTTP-over-QUIC to be renamed HTTP/3
https://www.zdnet.com/article/http-over-quic-to-be-renamed-http3/
Safari vulnerability lets hackers swipe recently deleted photos from iPhone X
https://appleinsider.com/articles/18/11/14/safari-vulnerability-lets-hackers-swipe-recently-deleted-photos-from-iphone-x
Cloudflare launches Android and iOS apps for its 1.1.1.1 service
https://www.zdnet.com/article/cloudflare-launches-android-and-ios-apps-for-its-1-1-1-1-service/
Researchers discover seven new Meltdown and Spectre attacks
https://www.zdnet.com/article/researchers-discover-seven-new-meltdown-and-spectre-attacks/
Beyond Passwords: 2FA, U2F and Google Advanced Protection
https://www.troyhunt.com/beyond-passwords-2fa-u2f-and-google-advanced-protection/
Google and Cloudfare traffic diverted to China… do we need to panic?
https://nakedsecurity.sophos.com/2018/11/13/google-and-cloudfare-traffic-diverted-to-china-do-we-need-to-panic/
Judge asks if Alexa is witness to a double murder
https://nakedsecurity.sophos.com/2018/11/16/judge-asks-if-alexa-is-witness-to-a-double-murder/
Hacking Connected Home Alarm Systems
https://blog.nviso.be/2018/10/16/hacking-connected-home-alarm-systems-the-cheap-part-1/
OSINT with gOSINT
https://www.prismacsi.com/en/osint-with-gosint/
Advanced tools: Process Hacker
https://blog.malwarebytes.com/101/how-tos/2018/11/advanced-tools-process-hacker/
CERT-SE i veckan
Microsofts månatliga säkerhetsuppdateringar för november 2018
Kritisk sårbarhet i ett flertal av VMware-produkter
[Uppdaterad] Våg av nätfiske mot e-postkonton i Office 365 och Exchange