Som du ser är vår webbplats inte anpassad för äldre webbläsare. Vi rekommenderar att du uppgraderar till en nyare webbläsare.
!!

Jobba på CERT-SE? Sök junior systemadministratör inom IT-säkerhet. Sista ansökningsdag 3 juni.

Publicerad - Veckobrev

CERT-SE:s veckobrev v.14

Blandat innehåll från veckan. Bland annat har MSB släppt sin årliga rapport om statlig it-incidentrapportering. CERT-SE har också uppmärksammat ytterligare angrepp som försöker dra nytta av Corona-pandemin.

Nyheter i veckan

Hacker hijacks YouTube accounts to broadcast Bill Gates-themed crypto Ponzi scam (30 mar)
https://www.zdnet.com/article/hacker-hijacks-youtube-accounts-to-broadcast-bill-gates-themed-crypto-ponzi-scam/

Zoom Lets Attackers Steal Windows Credentials, Run Programs via UNC Links (31 mar)
https://www.bleepingcomputer.com/news/security/zoom-client-leaks-windows-login-credentials-to-attackers/

Booz Allen analyzed 200+ Russian hacking operations to better understand their tactics (27 mar)
https://www.zdnet.com/article/booz-allen-analyzed-200-russian-hacking-operations-to-better-understand-their-tactics/

All 4G networks are susceptible to DoS attacks (27 mar)
https://www.itproportal.com/news/all-4g-networks-susceptible-to-dos-attacks/

Trends in Internet Exposure (29 mar)
https://blog.shodan.io/trends-in-internet-exposure/

Sale of Dharma ransomware source code draws hackers’ scrutiny, but the price is right (30 mar)
https://www.scmagazine.com/home/security-news/ransomware/small-price-tag-may-cause-overlook-suspicions/

IT-incidentrapportering 2019: Fler myndigheter bör rapportera mer (1 apr)
https://www.msb.se/sv/amnesomraden/informationssakerhet-cybersakerhet-och-sakra-kommunikationer/it-incidentrapportering-for-statliga-myndigheter/arsrapport-it-incidentrapportering-2019/

5.2m guest records exposed in latest Marriott data breach (1 apr)
https://www.siliconrepublic.com/enterprise/5-2m-guest-records-exposed-in-latest-marriott-data-breach

Hacking forum gets hacked for the second time in a year (3 apr)
https://www.zdnet.com/article/hacking-forum-gets-hacked-for-the-second-time-in-a-year/

Corona-relaterat

Coronavirus Phishing Scams
https://coronavirusphishing.com/

Investigating Coronavirus Fakes And Disinfo? Here Are Some Tools For You (27 mar)
https://www.bellingcat.com/resources/2020/03/27/investigating-coronavirus-fakes-and-disinfo-here-are-some-tools-for-you/

Coronavirus: The fake Bill Gates post and other claims to ignore (28 mar)
https://www.bbc.com/news/52039642

Dags att gasa i den digitala omställningen – trots pandemin (29 mar)
https://computersweden.idg.se/2.2683/1.732515/corona-gasa-digital-forandring

COVID-19: Hackers Begin Exploiting Zoom's Overnight Success to Spread Malware (30 mar)
https://thehackernews.com/2020/03/zoom-video-coronavirus.html

Banking Malware Spreading via COVID-19 Relief Payment Phishing (30 mar)
https://www.bleepingcomputer.com/news/security/banking-malware-spreading-via-covid-19-relief-payment-phishing/

MSB:s råd för att stärka informationssäkerheten vid arbete hemifrån (1 apr)
https://www.informationssakerhet.se/nyheter/informationssakerhet-vid-arbete-hemifran/

There's now COVID-19 malware that will wipe your PC and rewrite your MBR (2 apr)
https://www.zdnet.com/article/theres-now-covid-19-malware-that-will-wipe-your-pc-and-rewrite-your-mbr/

Exclusive: Hackers linked to Iran target WHO staff emails during coronavirus - sources (2 apr)
https://www.reuters.com/article/us-health-coronavirus-cyber-iran-exclusi/exclusive-hackers-linked-to-iran-target-who-staff-emails-during-coronavirus-sources-idUSKBN21K1RC

Informationssäkerhet och blandat

Dataförlust ledde till driftstopp för flera organisationer under 2019 (31 mar)
https://aktuellsakerhet.se/dataforlust-ledde-till-driftstopp-for-flera-organisationer-under-2019/

Hemarbete öppnar upp för sårbarhet (1 apr)
https://www.lag-avtal.se/nyhetsarkiv/hemarbete-oppnar-upp-for-sarbarhet-6992506

Ransomware Payments on the Rise (2 apr)
https://www.infosecurity-magazine.com/news/rise-in-ransomware-payments/

CERT-SE i veckan

Rekommendationer kring användning av videokonferenstjänsten Zoom

Avslöja bedrägliga mejl eller sms