CERT-SE:s veckobrev v.8

Veckobrev

Blandade nyheter från veckan, däribland phishing, ransomware och stora informationläckage.

Nyheter i veckan

INTERPOL report highlights key cyberthreats in Southeast Asia (17 feb) https://www.interpol.int/News-and-Events/News/2020/INTERPOL-report-highlights-key-cyberthreats-in-Southeast-Asia

OpenSSH now supports FIDO U2F security keys for 2-factor authentication (17 feb) https://thehackernews.com/2020/02/openssh-fido-security-keys.html

Microsoft has a subdomain hijacking problem (17 feb) https://www.zdnet.com/article/microsoft-has-a-subdomain-hijacking-problem/

Gold-nuggeting: Machine learning tool simplifies target discovery for pen testers (18 feb) https://portswigger.net/daily-swig/gold-nuggeting-machine-learning-tool-simplifies-target-discovery-for-pen-testers ..
https://github.com/delvelabs/batea

Hackers exploit critical vulnerability found in ~100,000 WordPress sites (18 feb) https://arstechnica.com/information-technology/2020/02/hackers-exploit-critical-vulnerability-found-in-100000-wordpress-sites/

Cybersecurity warning: Almost half of connected medical devices are vulnerable to hackers exploiting BlueKeep (18 feb) https://www.zdnet.com/article/cybersecurity-warning-almost-half-of-connected-medical-devices-are-vulnerable-to-hackers-exploiting-bluekeep

Over 22,000 Vulnerabilities Disclosed in 2019: Report (18 feb) https://www.securityweek.com/over-22000-vulnerabilities-disclosed-2019-report

16 DDoS attacks take place every 60 seconds, rates reach 622 Gbps (18 feb) https://www.zdnet.com/article/16-ddos-attacks-take-place-every-60-seconds-rates-reach-622-gbps/

DHS says ransomware hit US gas pipeline operator (18 feb) https://www.zdnet.com/article/dhs-says-ransomware-hit-us-gas-pipeline-operator/

Hundreds of Millions of PC Components Still Have Hackable Firmware (18 feb) https://www.wired.com/story/firmware-hacks-vulnerable-pc-components-peripherals/

Watch hackers manipulate a Tesla on Autopilot into accelerating to 85 MPH (19 feb) https://bgr.com/2020/02/19/tesla-autopilot-hack-speed-limit-increase-50-mph/

SMS Attack Spreads Emotet, Steals Bank Credentials (19 feb) https://threatpost.com/sms-attack-spreads-emotet-bank-credentials/153015/

Beware: Ransomware continues to pose a significant security risk for SMEs (19 feb) https://www.melani.admin.ch/melani/en/home/dokumentation/newsletter/sicherheitsrisiko-durch-ransomware.html

Cisco critical bug: Static password in Smart Software Manager – patch now, says Cisco (20 feb) https://www.zdnet.com/article/cisco-critical-bug-static-password-in-smart-software-manager-patch-now-says-cisco/

U.S. agency that handles Trump’s secure communication suffered data breach (20 feb) https://www.reuters.com/article/us-usa-defense-breach/u-s-defense-agency-personal-data-may-have-been-compromised-letter-idUSKBN20E27A

Bluetooth-Related Flaws Threaten Dozens of Medical Devices (20 feb) https://www.wired.com/story/bluetooth-flaws-ble-internet-of-things-pacemakers/

Hackers Were Inside Citrix for Five Months (20 feb) https://krebsonsecurity.com/2020/02/hackers-were-inside-citrix-for-five-months/

Apple drops a bomb on long-life HTTPS certificates: Safari to snub new security certs valid for more than 13 months (20 feb) https://www.theregister.co.uk/2020/02/20/apple_shorter_cert_lifetime/

Informationssäkerhet och blandat

Android facial recognition is more secure than you think (14 feb) https://www.techrepublic.com/article/android-facial-recognition-is-more-secure-than-you-think

Austrian foreign ministry: ‘State actor’ hack on government IT systems is over (14 feb) https://www.theregister.co.uk/2020/02/14/austria_foreign_ministry_hack_turla_group_allegs/

Vårdanställd polisanmäld för dataintrång (14 feb) https://sverigesradio.se/sida/artikel.aspx?programid=99&artikel=7408105

Säkerhetschefen: Vi har nolltolerans (14 feb) https://sverigesradio.se/sida/artikel.aspx?programid=160&artikel=7408298

Iranian hackers have been hacking VPN servers to plant backdoors in companies around the world (16 feb) https://www.zdnet.com/article/iranian-hackers-have-been-hacking-vpn-servers-to-plant-backdoors-in-companies-around-the-world/

Ökat fokus på reglering av cybersäkerhet i smarta fordon (17 feb) https://www.foi.se/nyheter-och-press/nyheter/2020-02-17-okat-fokus-pa-reglering-av-cybersakerhet-i-smarta-fordon.html

Defending Against State-Sponsored Hackers (17 feb) https://www.infosecurity-magazine.com/opinions/defending-state-hackers/

Bostadsförmedlingens hemsida akutstoppad efter inloggningsfel (18 feb) https://www.aftonbladet.se/nyheter/a/wPm935/bostadsformedlingens-hemsida-akutstoppad-efter-inloggningsfel

SIRP Security Score: Prioritize your threat response (18 feb) https://www.helpnetsecurity.com/2020/02/18/sirp-security-score/

Cyberattack slog ut datorer på Kramfors kommun (18 feb) https://sverigesradio.se/sida/artikel.aspx?programid=110&artikel=7410332

FRA: Dagliga cyberattacker mot Sverige (19 feb) https://www.svd.se/fra-dagliga-cyberattacker-mot-sverige ..
FRA:s årsrapport 2019 (20 feb) https://www.fra.se/nyheter/nyhetsarkiv/news/arsrapportfor2019slappt.5.6cf5edb9170382a0ad522.html

Exclusive: Details of 10.6 million MGM hotel guests posted on a hacking forum https://www.zdnet.com/article/exclusive-details-of-10-6-million-of-mgm-hotel-guests-posted-on-a-hacking-forum/

Facilities firm ISS World crippled by ransomware attack (20 feb) https://www.computerweekly.com/news/252478890/Facilities-firm-ISS-World-crippled-by-ransomware-attack