Som du ser är vår webbplats inte anpassad för äldre webbläsare. Vi rekommenderar att du uppgraderar till en nyare webbläsare.
!!

Jobba på CERT-SE? Nu söker vi en förvaltningsledare IT inom cybersäkerhet med sista ansökningsdag 17 augusti, samt en administrativ stjärna med it-säkerhetskunskap till vår desk med sista ansökningsdag 23 augusti.

Publicerad - Veckobrev

CERT-SE:s veckobrev v.27

I veckan som gick var det tre år sedan NotPetya härjade i it-system världen över, säkerligen hektiska dagar för många läsare. Veckans länksamling tittar bland annat på vilka lärdomar som kan dras från NotPetya, men även senaste nytt om diverse ransomware, botnät och cyberangrepp.

Trevlig helg önskar CERT-SE!

Nyheter i veckan

LG Electronics allegedly hit by Maze ransomware attack (25 jun)
https://www.bleepingcomputer.com/news/security/lg-electronics-allegedly-hit-by-maze-ransomware-attack/

Critical Bugs and Backdoor Found in GeoVision's Fingerprint and Card Scanners (25 jun)
https://thehackernews.com/2020/06/geovision-scanner-vulnerabilities.html

DDoS botnet coder gets 13 months in prison (26 jun)
https://www.zdnet.com/article/ddos-botnet-coder-gets-13-months-in-prison/

US Local Government Services Targeted by New Magecart Credit Card Skimming Attack (26 jun)
https://blog.trendmicro.com/trendlabs-security-intelligence/us-local-government-services-targeted-by-new-magecart-credit-card-skimming-attack/

NotPetya attack - three years on, what have we learned? (27 jun)
https://www.techradar.com/news/notpetya-attack-three-years-on-what-have-we-learned

DDoS Malware is Infecting Docker Servers in Unusual Attacks (27 jun)
https://koddos.net/blog/ddos-malware-is-infecting-docker-servers-in-unusual-attacks/

This new botnet has recruited an army of Windows devices (27 jun)
https://www.techradar.com/news/this-new-botnet-has-recruited-an-army-of-windows-devices

Ransomware is now your biggest online security nightmare. And it's about to get worse (28 jun)
https://www.zdnet.com/article/ransomware-is-now-your-biggest-online-security-nightmare-and-its-about-to-get-worse/

Apple strong-arms entire CA industry into one-year certificate lifespans (28 jun)
https://www.zdnet.com/article/apple-strong-arms-entire-ca-industry-into-one-year-certificate-lifespans/
--
https://support.apple.com/en-us/HT211025
--
https://chromium.googlesource.com/chromium/src/+/ae4d6809912f8171b23f6aa43c6a4e8e627de784
--
https://chromium-review.googlesource.com/c/chromium/src/+/2258690/2/net/docs/certificate_lifetimes.md

How hackers extorted $1.14m from University of California, San Francisco (29 jun)
https://www.bbc.com/news/technology-53214783

Evil Corp’s latest ransomware project spreading fast (29 jun)
https://www.computerweekly.com/news/252485331/Evil-Corps-latest-ransomware-project-spreading-fast

One Letter Away: Impersonation, Bitcoin, and Phishing Expeditions (29 jun)
https://blog.knowbe4.com/one-letter-away-impersonation-bitcoin-and-phishing-expeditions

Beware “secure DNS” scam targeting website owners and bloggers (29 jun)
https://nakedsecurity.sophos.com/2020/06/29/beware-secure-dns-scam-targeting-website-owners-and-bloggers/
--
https://www.bleepingcomputer.com/news/security/clever-phishing-scam-targets-websites-with-free-dnssec-offer/

ETSI issues New White Paper on Artificial Intelligence (29 jun)
https://www.etsi.org/newsroom/news/1788-2020-06-etsi-issues-new-white-paper-on-artificial-intelligence
--
https://www.etsi.org/images/files/ETSIWhitePapers/etsi_wp34_Artificial_Intellignce_and_future_directions_for_ETSI.pdf

System hardening in Android 11 (30 jun)
https://security.googleblog.com/2020/06/system-hardening-in-android-11.html

New Mac ransomware spreading through piracy (30 jun)
https://blog.malwarebytes.com/mac/2020/06/new-mac-ransomware-spreading-through-piracy/
--
https://www.zdnet.com/article/new-evilquest-ransomware-discovered-targeting-macos-users/

Brute-Force Attacks Targeting RDP on the Rise (30 jun)
https://www.govinfosecurity.com/brute-force-attacks-targeting-rdp-on-rise-a-14531

Google removes 25 Android apps caught stealing Facebook credentials (30 jun)
https://www.zdnet.com/article/google-removes-25-android-apps-caught-stealing-facebook-credentials/

Ransomware attacks are increasing, do you have an emergency plan in place? (1 jul)
https://www.helpnetsecurity.com/2020/07/01/ransomware-emergency-plan/

Securing the International IoT Supply Chain (1 jul)
https://www.schneier.com/blog/archives/2020/07/securing_the_in_1.html
--
https://www.atlanticcouncil.org/in-depth-research-reports/report/the-reverse-cascade-enforcing-security-on-the-global-iot-supply-chain/

TrickBot malware now checks screen resolution to evade analysis (1 jul)
https://www.bleepingcomputer.com/news/security/trickbot-malware-now-checks-screen-resolution-to-evade-analysis/

Surge of MongoDB ransom attacks use GDPR as extortion leverage (2 jul)
https://www.bleepingcomputer.com/news/security/surge-of-mongodb-ransom-attacks-use-gdpr-as-extortion-leverage/

Alina POS malware now using DNS tunnelling to steal payment cards data (2 jul)
https://www.computing.co.uk/news/4017274/alina-pos-malware-dns-tunnelling-steal-payment-cards

Critical Apache Guacamole Flaws Put Remote Desktops at Risk of Hacking (2 jul)
https://thehackernews.com/2020/07/apache-guacamole-hacking.html
--
https://research.checkpoint.com/2020/apache-guacamole-rce/

Tillsyn och föreskrifter på remiss inom ramen för NIS (2 jul)
https://www.energimyndigheten.se/nyhetsarkiv/2020/energimyndigheten-paborjar-tillsyn-och-skickar-ut-remiss-inom-nis/

How Police Secretly Took Over a Global Phone Network for Organized Crime (2 jul)
https://www.vice.com/en_us/article/3aza95/how-police-took-over-encrochat-hacked

Informationssäkerhet och blandat

Cybercrime Infrastructure Never Really Dies (23 jun)
https://www.darkreading.com/attacks-breaches/cybercrime-infrastructure-never-really-dies/d/d-id/1338154

The Unintended Harms of Cybersecurity (26 jun)
https://www.schneier.com/blog/archives/2020/06/the_unintended_.html
--
https://www.cl.cam.ac.uk/~ytc36/Identifying_Unintended_Harms.pdf

A Popular Study Tool Accidentally Exposed Millions Of Student Records (28 jun)
https://www.forbes.com/sites/leemathews/2020/06/28/oneclass-accidentally-exposed-millions-of-student-records/#12f64de3f901

Svenska notan för cyberangrepp i år: 20 miljarder (29 jun)
https://www.nyteknik.se/sakerhet/svenska-notan-for-cyberangrepp-i-ar-20-miljarder-6997884

Federal funding for 'threat intelligence platform' to defend against cyber attacks (29 jun)
https://www.9news.com.au/national/australian-cyber-security-aushield-defend-platform-for-firms-to-boost-cyber-defences/aa17c6e6-3033-4936-af34-93bfa802d2b5?

Kraftig ökning av attacker mot Remote Desktop i pandemins spår (30 jun)
https://techworld.idg.se/2.2524/1.736779/kraftig-okning-av-attacker-mot-remote-desktop-i-pandemins-spar

Apple Watch's planned handwashing reminder feature? I don't trust it (30 jun)
https://www.computerworld.com/article/3564266/apple-watchs-planned-handwashing-reminder-feature-i-dont-trust-it.html

Keep the lights on: Three things power companies need to do to harden cybersecurity defenses (1 jul)
https://www.techrepublic.com/article/keep-the-lights-on-three-things-power-companies-need-to-do-to-harden-cybersecurity-defenses/

How You Can Write Better Threat Reports (1 jul)
https://zeltser.com/write-better-threat-reports/

The next cybersecurity headache: Employees know the rules but just don't care (1 jul)
https://www.techrepublic.com/article/the-next-cybersecurity-headache-employees-know-the-rules-but-just-dont-care/

Another COVID-19 Side Effect: Rising Nation-State Cyber Activity (1 jul)
https://www.darkreading.com/vulnerabilities---threats/another-covid-19-side-effect-rising-nation-state-cyber-activity/a/d-id/1338186

One out of every 142 passwords is '123456' (1 jul)
https://www.zdnet.com/article/one-out-of-every-142-passwords-is-123456/

40% of security pros say half of cyberattacks bypass their WAF (2 jul)
https://www.helpnetsecurity.com/2020/07/02/cyberattacks-bypass-waf/

Key cybersecurity industry challenges in the next five years (2 jul)
https://www.helpnetsecurity.com/2020/07/02/key-cybersecurity-industry-challenges/

CERT-SE i veckan

Kritisk sårbarhet i F5 Networks BIG-IP

Microsoft patchar kritiska sårbarheter i Windows 10

Kritisk sårbarhet i Palo Alto Networks produkter