![[CERT-SE]](/static/img/cert-se.svg)
![[MSB]](/static/img/msb.svg)
Publicerad
CERT-SE:s veckobrev v.03
CERT-SE önskar trevlig helg med noga utvalda nyheter!
Nyheter i veckan
New Android Malware Apps Use Motion Sensor to Evade Detection
https://thehackernews.com/2019/01/android-malware-play-store.html
Eight months after discovery, unkillable LoJax rootkit campaign remains active
https://arstechnica.com/information-technology/2019/01/8-months-after-its-discovery-unkillable-lojax-rootkit-campaign-remains-active/
Why is my keyboard connected to the cloud?
https://www.zdnet.com/article/why-is-my-keyboard-connected-to-the-cloud/
Major Security Breach Discovered Affecting Nearly Half of All Airline Travelers Worldwide
https://www.safetydetective.com/blog/major-security-breach-discovered-affecting-nearly-half-of-all-airline-travelers-worldwide/
Fortnite Hacked Via Insecure Single Sign-On
https://threatpost.com/fortnite-hacked-via-insecure-single-sign-on/140913/
Unprotected server of Oklahoma Department of Securities exposes millions of government files
https://securityaffairs.co/wordpress/79983/data-breach/oklahoma-department-securities-data-leak.html
Snorpy a Web Base Tool to Build Snort/Suricata Rules
https://isc.sans.edu/forums/diary/Snorpy+a+Web+Base+Tool+to+Build+SnortSuricata+Rules/24522/
Count the number of people around you by monitoring wifi signals
https://github.com/schollz/howmanypeoplearearound
Some of the biggest web hosting sites were vulnerable to simple account
takeover hacks
https://techcrunch.com/2019/01/14/web-hosting-account-hacks/
A new cryptojacking tactic that involves Wikipedia and downloaded movie
files has been discovered
https://cryptomenow.com/a-new-cryptojacking-tactic-that-involves-wikipedia-and-downloaded-movie-files-has-been-discovered/
Thoughts on the MSI/JAR Authenticode Bypass
https://wwws.nightwatchcybersecurity.com/2019/01/16/thoughts-on-the-msi-jar-authenticode-bypass/
Microsoft LAPS - Blue Team / Red Team
https://isc.sans.edu/diary/Microsoft+LAPS+-+Blue+Team++Red+Team/24528
The 773 Million Record "Collection #1" Data Breach
https://www.troyhunt.com/the-773-million-record-collection-1-data-reach/
Announcing the Microsoft Azure DevOps Bounty program
https://blogs.technet.microsoft.com/msrc/2019/01/17/azure-devops-bounty-program/
CERT-SE i veckan
0-day sårbarhet i Windows hantering av visit- och kontaktkortsfiler