CERT-SE's weekly newsletter, week 21

Weekly newsletter

Not as much coronavirus-related news as in previous weeks; instead there is news about cyberattacks, leaked source code and Bluetooth attacks. We at CERT-SE wish you a pleasant May weekend!

News this week

Disinformation grows in health crises (13 May) https://www.foi.se/nyheter-och-press/nyheter/2020-05-13-desinformation-gror-i-halsokriser.html

Zerodium Temporarily Stops Purchasing iOS Exploits Due to High Number of Submissions (14 May) https://www.macrumors.com/2020/05/14/zerodium-pauses-acquiring-ios-exploits/ ..
https://www.cyberscoop.com/ios-zero-day-zerodium-high-supply/

Mercedes-Benz onboard logic unit (OLU) source code leaks online (18 May) https://www.zdnet.com/article/mercedes-benz-onboard-logic-unit-olu-source-code-leaks-online/

How to use the new Network Sniffer Tool PktMon.exe in Windows 10 (18 May) https://www.thewindowsclub.com/network-sniffer-tool-pktmon-exe-in-windows-10/

Chrome 83 released with enhanced privacy controls, tab groups feature (19 May) https://www.zdnet.com/article/chrome-83-released-with-enhanced-privacy-controls-tab-groups-feature/

Windows Terminal 1.0 (19 May) https://devblogs.microsoft.com/commandline/windows-terminal-1-0/

Bluetooth pairing flaw exposes devices to BIAS attacks (19 May) https://www.itpro.co.uk/security/vulnerability/355694/bluetooth-flaw-bias-attacks

Phishers are trying to bypass Office 365 MFA via rogue apps (19 May) https://www.helpnetsecurity.com/2020/05/19/office-365-bypass-mfa/

Releasing the Captcha Cracken (20 May) https://labs.f-secure.com/blog/releasing-the-captcha-cracken/

Ransomware deploys virtual machines to hide itself from antivirus software (22 May) https://www.zdnet.com/article/ransomware-deploys-virtual-machines-to-hide-itself-from-antivirus-software/

Information security and miscellaneous

Hackers Steal $10M in “Wonderfully Done” fraud from Norway’s State Investment Fund (18 May) https://businessinsights.bitdefender.com/hackers-steal-fraud-from-norway-state-investment-fund

Australian Steel Maker BlueScope Hit by Cyberattack (18 May) https://www.securityweek.com/australian-steel-maker-bluescope-hit-cyberattack

European supercomputers hacked to mine cryptocurrency (18 May) https://www.welivesecurity.com/2020/05/18/european-supercomputers-hacked-mine-cryptocurrency/ ..
https://brownglock.com/library/2020/05/18/hackers-are-using-supercomputers-to-mine-crypto/

EasyJet admits data of nine million hacked (19 May) https://www.bbc.com/news/technology-52722626

Six need-to-know takeaways from the Verizon breach report (19 May) https://www.scmagazine.com/home/security-news/data-breach/six-need-to-know-takeaways-from-the-verizon-breach-report/ ..
https://www.cyberscoop.com/verizon-dbir-report-hacking-2020/ ..
https://enterprise.verizon.com/resources/reports/dbir/

Sodinokibi cyber criminals plot to ‘auction’ Madonna data (19 May) https://www.computerweekly.com/news/252483336/Sodinokibi-cyber-criminals-plot-to-auction-Madonna-data

Hacker Behind Last Year’s ‘Collection#1’ Data Dump Arrested in Ukraine (19 May) https://uk.pcmag.com/encryption/127033/hacker-behind-last-years-collection1-data-dump-arrested-in-ukraine

Guidelines and Practices for Multi-Party Vulnerability Coordination and Disclosure (20 May) https://www.first.org/global/sigs/vulnerability-coordination/multiparty/guidelines-v1.1

Snake ransomware leaks patient data from Fresenius Medical Care (20 May) https://www.bleepingcomputer.com/news/security/snake-ransomware-leaks-patient-data-from-fresenius-medical-care/

Hamas believed to be behind cyberattack against Israel (21 May) https://www.dn.se/nyheter/varlden/flera-lander-tros-vara-inblandade-i-massiv-cyberattack-mot-israel/

CERT-SE this week

Critical vulnerability in Cisco Unified CCX

NXNSAttack: New attack against DNS servers