Som du ser är vår webbplats inte anpassad för äldre webbläsare. Vi rekommenderar att du uppgraderar till en nyare webbläsare.
!!

Jobba på CERT-SE? Nu söker vi en administrativ stjärna med it-säkerhetskunskap till vår desk. Sista ansökningsdag 23 augusti.

Publicerad - Veckobrev

CERT-SE:s veckobrev v.51

Med Emotet, Ryuk, TrickBot och andra saker du inte vill ha i julklapp vill CERT-SE önska er alla en riktigt God Jul!

Nyheter i veckan

Frankfurt shuts down IT network following Emotet infection
https://www.zdnet.com/article/frankfurt-shuts-down-it-network-following-emotet-infection/

Emotet Trojan is Inviting You To A Malicious Christmas Party
https://www.bleepingcomputer.com/news/security/emotet-trojan-is-inviting-you-to-a-malicious-christmas-party/

Malpedias finfina länksamanställning om Emotet
https://malpedia.caad.fkie.fraunhofer.de/details/win.emotet

Mitigating Emotet
https://feodotracker.abuse.ch/mitigate

Largest hospital system in New Jersey was hit by ransomware attack
https://securityaffairs.co/wordpress/95152/cyber-crime/new-jersey-hospital-ransomware-attack.html

New Orleans hamstrung by ransomware attack
https://www.scmagazine.com/home/security-news/ransomware/new-orleans-hamstrung-by-ransomware-attack/

Ransomware Gangs Now Outing Victim Businesses That Don’t Pay Up
https://krebsonsecurity.com/2019/12/ransomware-gangs-now-outing-victim-businesses-that-dont-pay-up/

German BSI withholds Truecrypt security report
https://www.golem.de/news/encryption-software-german-bsi-withholds-truecrypt-security-report-1912-145552.html

Fördjupad samverkan för ökad cybersäkerhet
https://www.msb.se/sv/aktuellt/nyheter/2019/december/fordjupad-samverkan-for-okad-cybersakerhet/

5 Reasons Why Programmers Should Think like Hackers
https://thehackernews.com/2019/12/cybersecurity-for-programmers.html

Dacls RAT, the first Lazarus malware that targets Linux devices
https://securityaffairs.co/wordpress/95270/apt/dacls-rat-lazarus-apt.html

Top Cybersecurity trends & predictions for 2020
https://cybersecurity.att.com/blogs/security-essentials/top-cybersecurity-trends-predictions-for-2020

Skyddspaket ICS/SCADA- Fem basverktyg för operatörer som vill utveckla sin säkerhet
https://www.informationssakerhet.se/stod--vagledning/saker-it-infrastruktur/skyddspaket-icsscada/

It’s time to disconnect RDP from the internet
https://www.welivesecurity.com/2019/12/17/bluekeep-time-disconnect-rdp-internet/

Meet the Mad Scientist Who Wrote the Book on How to Hunt Hackers
https://www.wired.com/story/meet-the-mad-scientist-who-wrote-the-book-on-how-to-hunt-hackers/

Don’t fall for this porn scam – even if your password’s in the subject!
https://nakedsecurity.sophos.com/2019/12/17/dont-fall-for-this-porn-scam-even-if-your-passwords-in-the-subject/

OilRig’s Poison Frog – old samples, same trick
https://securelist.com/oilrigs-poison-frog/95490/

New research reveals how the devices we trust most can leave us vulnerable
https://blog.f-secure.com/new-research-reveals-how-the-devices-we-trust-most-can-leave-us-vulnerable/

DDoS Attacks and IoT Exploits: New Activity from Momentum Botnet
https://blog.trendmicro.com/trendlabs-security-intelligence/ddos-attacks-and-iot-exploits-new-activity-from-momentum-botnet/

Nginx Log Check - Nginx Log Security Analysis Script
https://www.kitploit.com/2019/12/nginx-log-check-nginx-log-security.html

Visa: Gas Station Networks Targeted to Steal Card Data
https://www.bankinfosecurity.com/visa-gas-station-networks-targeted-to-steal-card-data-a-13507

Sweden to adopt new framework to test banks’ cyber-attack resilience
https://www.verdict.co.uk/retail-banker-international/news/sweden-to-adopt-new-framework-to-test-banks-cyber-attack-resilience/

Skarp kritik mot regionens arbete med IT-säkerhet
https://www.svt.se/nyheter/lokalt/vasternorrland/skarp-kritik-mot-regionens-arbete-med-it-sakerhet

This WhatsApp bug could allow hackers to crash the app and delete group chats forever
https://www.zdnet.com/article/this-whatsapp-bug-could-allow-hackers-to-crash-the-app-and-delete-group-chats-forever/

Biggest data breaches of 2019: Same mistakes, different year
https://www.cnet.com/news/biggest-data-breaches-of-2019-same-mistakes-different-year/

Twitter Followers of the Epilepsy Foundation Targeted by a Mass Strobe Cyber attack
https://www.ehackingnews.com/2019/12/twitter-followers-of-epilepsy.html

The man who made the “worst” video game in history
https://thehustle.co/worst-video-game-in-history-et/

Write 8-bit code in your browser
https://8bitworkshop.com/

CERT-SE i veckan

Säkerhetsuppdateringar från Apple