![[CERT-SE]](/static/img/cert-se.svg)
![[MSB]](/static/img/msb.svg)
Publicerad
CERT-SE:s veckobrev v.02
Trevlig helg önskar CERT-SE
Veckans axplock
Global DNS Hijacking Campaign: DNS Record Manipulation at Scale
https://www.fireeye.com/blog/threat-research/2019/01/global-dns-hijacking-campaign-dns-record-manipulation-at-scale.html
U.S. Government Shutdown Leaves Dozens of .Gov Websites Vulnerable
https://threatpost.com/u-s-government-shutdown-leaves-dozens-of-gov-websites-vulnerable/140782/
New Systemd Privilege Escalation Flaws Affect Most Linux Distributions
https://thehackernews.com/2019/01/linux-systemd-exploit.html
Shipping Firms Speared with Targeted ‘Whaling’ Attacks
https://threatpost.com/shipping-execs-whaling/140643/
NSA to release its GHIDRA reverse engineering tool for free
https://thehackernews.com/2019/01/ghidra-reverse-engineering-tool.html
New tool automates phishing attacks that bypass 2FA
https://www.zdnet.com/article/new-tool-automates-phishing-attacks-that-bypass-2fa/
Cisco Talos releases PyLocky ransomware decryptor
https://blog.talosintelligence.com/2019/01/pylocky-unlocked-cisco-talos-releases.html
Adobe Flash Player Zero-Day vulnerability CVE-2018-15982 exploited in APT Attacks
http://www.rewterz.com/rewterz-news/rewterz-threat-advisory-adobe-flash-player-zero-day-vulnerability-cve-2018-15982-exploited-in-apt-attacks
OWASP top 10 IoT vulns 2018
https://www.owasp.org/index.php/OWASP_Internet_of_Things_Project
Your Old Tweets Give Away More Location Data Than You Think
https://www.wired.com/story/twitter-location-data-gps-privacy/
Google Adds DNS-over-TLS Support to Its Public DNS Service
https://www.bleepingcomputer.com/news/google/google-adds-dns-over-tls-support-to-its-public-dns-service/
Historiehörnan
Några axplock i Mobitex historia
http://www.agestam.net/mobitex/files/mobitexhistoria.pdf
CERT-SE i veckan
Innan du ansluter till publika trådlösa nätverk - tänk till ...
Microsofts månatliga säkerhetsuppdateringar för januari 2019