Som du ser är vår webbplats inte anpassad för äldre webbläsare. Vi rekommenderar att du uppgraderar till en nyare webbläsare.

Publicerad - Veckobrev

CERT-SE:s veckobrev v.35

Grattis IMP på 50-årsdagen!
CERT-SE önskar er alla en trevlig helg!

Nyheter i veckan

Extracting Certificates From the Windows Registry

Oil and Gas Firms Targeted By New LYCEUM Threat Group

Inside the APT28 DLL Backdoor Blitz

Suspicious sniffers Programmer discovers thousands of phone numbers, addresses, and geolocations apparently leaked by Russia’s ‘SORM’ surveillance tech

Building Out ProtonMail Spoofed Infrastructure with Creation Timestamp Pivoting

Imperva Firewall Breach Exposes Customer API Keys, SSL Certificates

Microsoft will let some Windows 7 customers get free security updates for an extra year

Nasa said to be investigating first allegation of a crime in space

Exploiting AWS ECR and ECS with the Cloud Container Attack Tool (CCAT)

All Your Clicks Belong to Me: Investigating Click Interception on the Web

Python clock

Critical Cisco VM Bug Allows Remote Takeover of Routers

Microsoft Wants exFAT in Linux Kernel, Opens File System Specs

Employees connect nuclear plant to the internet so they can mine cryptocurrency

A very deep dive into iOS Exploit chains found in the wild

Retadup Worm Squashed After Infecting 850K Machines

Protocol used by 630,000 devices can be abused for devastating DDoS attacks

Google Offers Big Bounties for Data Abuse Reports


Attacking SSL VPN - Part 1: PreAuth RCE on Palo Alto GlobalProtect, with Uber as Case Study!

Attacking SSL VPN - Part 2: Breaking the Fortigate SSL VPN

Enterprise VPN Vulnerabilities Expose Organizations to Hacking, Espionage

Attackers Targeting Vulnerability in Pulse Secure VPN

Hackers Hit Unpatched Pulse Secure and Fortinet SSL VPNs

CERT-SE i veckan

Kritisk sårbarhet i Ciscos operativsystem IOS XE

Kritiska sårbarheter i Pulse Secure VPN utnyttjas nu aktivt