Omvärld

Några IT-säkerhetsnyheter från veckan. Nyheter i veckan Shodan har lanserat Malware Hunter som letar rätt på C2 servrar https://malware-hunter.shodan.io ABB:s industrirobot IRB 140 hackad https://motherboard.vice.com/en_us/article/hackers-are-remotely-controlling-industrial-robots-now IBM har levererat skadlig kod på deras USB-pinnar https://www-01.ibm.com/support/docview.wss?uid=ssg1S1010146 Google Doc använt i phishing… https://motherboard.vice.com/en_us/article/massive-gmail-google-doc-phishing-email … och faran med tredjeparts applikationer http://www.darkreading.com/attacks-breaches/google-docs-phishing-scam-a-game-changer/d/d-id/1328808 Outlooks makron ställer…

Share
Read More

An iPhone phishing scam combines elements of physical theft and digital crime in an effort to steal victims’ Apple ID credentials. According to Trend Micro senior threat researcher Fernando Mercês, it all started when someone stole his friend’s iPhone while they were walking around one of the big metropolitan areas…

Share
Read More

Last late April a friend of mine had his iPhone stolen in the streets—an unfortunately familiar occurrence in big, metropolitan areas in countries like Brazil. He managed to buy a new one, but kept the same number for convenience. Nothing appeared to be out of the ordinary at first—until he…

Share
Read More

Original release date: May 04, 2017 The Internet Crime Complaint Center (IC3) has issued an alert describing a growing number of scams targeting businesses working with foreign suppliers or businesses that regularly perform wire transfer payments. These sophisticated scams are classified as business email compromise (BEC) or email account compromise…

Share
Read More

Original release date: May 04, 2017 US-CERT is aware of a phishing campaign affecting Google Docs users. The campaign used spoofed email addresses to target users with emails purporting to share a document for collaboration. Once the targeted users accepted invitations, they were encouraged to allow the phishing program access…

Share
Read More

Original release date: May 04, 2017 US-CERT is aware of a phishing campaign affecting Google Docs users. The campaign used spoofed email addresses to target users with emails purporting to share a document for collaboration. Once the targeted users accepted invitations, they were encouraged to allow the phishing program access…

Share
Read More

These vulnerabilities were discovered by Marcin ‘Icewall’ Noga of Talos. Today, Talos is disclosing several vulnerabilities that have been identified in the AntennaHouse DMC library which is used in various products for web-based document searching and rendering. These vulnerabilities manifest as a failure to correctly parse Microsoft Office documents and…

Share
Read More

Sårbarheten finns i implementationen av Universal Plug-and-Play (UPnP) och kan tillåta en angripare på samma lokala nätsegment att köra godtycklig kod på routern [1]. Eftersom indata till UPnP inte kontrolleras tillräckigt så kan en angripare skicka skadligt data till lyssningsporten. Routern kan då krascha eller köra angriparens kod som root….

Share
Read More

Original release date: May 04, 2017 After May 9, 2017, devices running Windows 10 version 1507 will no longer receive security updates. US-CERT encourages users and administrators to review Microsoft’s Windows 10 version 1507 post for more information and to apply necessary updates. This product is provided subject to this…

Share
Read More