CERT-SE:s veckobrev v.10

Blandade nyheter från veckan som gått.

Nyheter i veckan

Siri and Google Assistant hacked in new ultrasonic attack (2 mar) https://nakedsecurity.sophos.com/2020/03/02/siri-and-google-assistant-hacked-in-new-ultrasonic-attack/

Rootkit in the Cloud: Hacker Group Breaches AWS Servers (3 mar) https://www.cbronline.com/news/aws-servers-hacked-rootkit-in-the-cloud

Protect your domain and protect your customers: The top three domain-based attack tactics (3 mar) https://www.scmagazine.com/home/security-news/protect-your-domain-and-protect-your-customers-the-top-three-domain-based-attack-tactics/

What DNS encryption means for enterprise threat hunters (3 mar) https://www.itweb.co.za/content/j5alrvQaEVnvpYQk

Windows 10, version 1809 end of servicing on May 12, 2020 https://support.microsoft.com/en-hk/help/4541558/windows-10-version-1809-end-of-servicing

Citrix vulnerability used for potential Defence recruitment database access (4 mar) https://www.zdnet.com/article/citrix-vulnerability-used-for-potential-defence-recruitment-database-access/

Let’s Encrypt Revoking 3 Million TLS Certificates Issued Incorrectly Due to a Bug (4 mar) https://thehackernews.com/2020/03/lets-encrypt-certificate-revocation.html ..
Revoking certain certificates on March 4 (5 mar) https://community.letsencrypt.org/t/revoking-certain-certificates-on-march-4/114864 ..
Let’s Encrypt: OK, maybe nuking three million HTTPS certs at once was a tad ambitious. Let’s take time out (5 mar) https://www.theregister.co.uk/2020/03/05/lets_encrypt_halts/

Microsoft subdomains hijacked following DNS security blunder (5 mar) https://betanews.com/2020/03/05/insecure-microsoft-subdomains-hijacked/

Enable that MF-ing MFA: 1.2 million Azure Active Directory accounts compromised every month, reckons Microsoft (5 mar) https://www.theregister.co.uk/2020/03/05/microsoft_12_million_enterprise_accounts_are_compromised_every_month/

Intel CSME bug is worse than previously thought (5 mar) https://www.zdnet.com/article/intel-csme-bug-is-worse-than-previously-thought

Mokes and Buerak distributed under the guise of security certificates (5 mar) https://securelist.com/mokes-and-buerak-distributed-under-the-guise-of-security-certificates/96324/

Email domains without DMARC enforcement spoofed nearly 4X as often (5 mar) https://www.helpnetsecurity.com/2020/03/05/dmarc-records

Informationssäkerhet och blandat

Coronavirus: Hackers are exploiting the COVID-19 outbreak to steal your information (28 feb) https://www.techrepublic.com/article/coronavirus-how-hackers-are-exploiting-the-epidemic-to-steal-your-information

Darknet en allt vanligare spelplan för kriminella (29 feb) https://www.svt.se/nyheter/lokalt/stockholm/polisen-om-darknet

Cyberattacker kostar företagen 16 miljarder kronor per år (1 mar) https://sverigesradio.se/sida/artikel.aspx?programid=160&artikel=7414795

5G and IoT security: Why cybersecurity experts are sounding an alarm (2 mar) https://www.techrepublic.com/article/5g-and-iot-security-why-cybersecurity-experts-are-sounding-an-alarm

In-depth Analysis of the Top Cyber Threat Trends Over the Past Year https://www.crowdstrike.com/resources/reports/2020-crowdstrike-global-threat-report/ ..
Sammanfattning: CrowdStrike Global Threat Report 2020 (3 mar) https://www.cstromblad.com/2020/03/sammanfattning-crowdstrike-global-threat-report-2020/

Kommunanställda klickade på virus i datasäkerhetstest (4 mar) https://sverigesradio.se/sida/artikel.aspx?programid=160&artikel=7420533

Stort cyberangrepp mot internationellt tjänsteföretag (5 mar) https://www.svt.se/nyheter/utrikes/hackerangrepp-mot-stort-stadforetag

Hackers Can Clone Millions of Toyota, Hyundai, and Kia Keys (5 mar) https://www.wired.com/story/hackers-can-clone-millions-of-toyota-hyundai-kia-keys/