CERT-SE's weekly newsletter, week 29

Weekly newsletter

This week marks ten years since Stuxnet was discovered, an attack that continues to influence the cyber threats we see even today. This week almost all of our monitoring has focused on security updates from various sources; below is a summary of other items of interest from the week.

CERT-SE wishes you a pleasant weekend!

News this week

Cybercrime Research: For the Greater Good, or Marketing? (10 jul) https://www.bankinfosecurity.com/blogs/cybercrime-research-for-greater-good-or-marketing-p-2914

Conti ransomware encrypts files quicker, targets SMB network shares (10 jul) https://www.scmagazine.com/home/security-news/ransomware/conti-ransomware-encrypts-files-quicker-targets-smb-network-shares/

Fake Zoom notifications used to steal Office 365 credentials (11 jul) https://www.scmagazineuk.com/fake-zoom-notifications-used-steal-office-365-credentials/article/1689152

VPNs: What Do They Do, and What Don’t They Do? (12 jul) https://www.tripwire.com/state-of-security/featured/vpns-what-do-they-do-what-they-dont-do/

Security alerts more than doubled in the last 5 years, SecOps teams admit they can’t get to them all (13 jul) https://www.helpnetsecurity.com/2020/07/13/volume-of-security-alerts/

Backdoors Identified in Tens of C-Data Fiber Broadband Devices (13 jul) https://www.securityweek.com/backdoors-identified-tens-c-data-fiber-broadband-devices

Hacker breaches security firm in act of revenge (13 jul) https://www.zdnet.com/article/hacker-breaches-security-firm-in-act-of-revenge/

You’ve only added two lines - why did that take two days! (13 jul) https://www.mrlacey.com/2020/07/youve-only-added-two-lines-why-did-that.html

Python Malware On The Rise (13 jul) https://www.cyborgsecurity.com/python-malware-on-the-rise/

Turla / Venomous Bear updates its arsenal: “NewPass” appears on the APT threat scene (14 jul) https://www.telsy.com/turla-venomous-bear-updates-its-arsenal-newpass-appears-on-the-apt-threat-scene/

Citrix denies dark web claim of network compromise and ransomware attack (15 jul) https://www.theregister.com/2020/07/15/citrix_denies_new_network_compromise/

Everything You Need to Know About OAuth (2.0) (15 jul) https://gravitational.com/blog/everything-you-need-to-know-about-oauth/

Ten years since Stuxnet was discovered (15 jul) https://techworld.idg.se/2.2524/1.737277/tio-ar-sedan-stuxnet-upptacktes

A victory for us all: European Court of Justice makes landmark ruling to invalidate the Privacy Shield (16 jul) https://edri.org/a-victory-for-us-all-european-court-of-justice-makes-landmark-ruling-to-invalidate-the-privacy-shield/

Microsoft Warns of Application-based Phishing (16 jul) https://blog.knowbe4.com/microsoft-warns-of-application-based-phishing

EU court overturns US data transfer agreement in Facebook privacy case (16 jul) https://www.dw.com/en/eu-us-data-transfer-facebook/a-54194377

New Android BlackRock malware targets hundreds of apps (17 jul) https://securityaffairs.co/wordpress/106008/malware/android-blackrock-malware.html

Information security and miscellaneous

Tony Blair tells Russian infosec conference that cross-border infosec policies need more gov intervention (10 jul) https://www.theregister.com/2020/07/10/tony_blair_speech_cyber_polygon_conference/

Indonesia beefs up cyber security after data breaches (12 jul) http://www.straitstimes.com/asia/se-asia/indonesia-beefs-up-cyber-security-after-data-breaches

Cyberwarfare: The changing role of force (13 jul) https://www.helpnetsecurity.com/2020/07/13/cyber-conflict/

A hacker is selling details of 142 million MGM hotel guests on the dark web (14 jul) https://www.zdnet.com/article/a-hacker-is-selling-details-of-142-million-mgm-hotel-guests-on-the-dark-web/

Data breaches decline 33% in the first half of 2020 (14 jul) https://www.techrepublic.com/article/data-breaches-decline-33-in-the-first-half-of-2020/

The Day I Trolled The Entire Internet: An Accidental Research Project on CVE-2020-1350 (15 jul) https://blog.zsec.uk/cve-2020-1350-research/

Ransomware accounts for a third of all cyberattacks against organizations (15 jul) https://www.techrepublic.com/article/ransomware-accounts-for-a-third-of-all-cyberattacks-against-organizations/

F-Secure warns of counterfeit Cisco switches (16 jul) https://techworld.idg.se/2.2524/1.737329/f-secure-varnar-for-forfalskade-natverksswitchar

Who’s Behind Wednesday’s Epic Twitter Hack? (16 jul) https://krebsonsecurity.com/2020/07/whos-behind-wednesdays-epic-twitter-hack/ ..
https://techcrunch.com/2020/07/15/twitter-hacker-admin-scam/ ..
https://www.bleepingcomputer.com/news/security/apple-kanye-gates-bezos-more-hacked-in-twitter-account-crypto-scam/

Russian hackers accused of trying to steal vaccine research (16 jul) https://www.dn.se/nyheter/varlden/ryska-hackare-anklagas-for-att-forsoka-stjala-vaccinforskning/ ..
https://www.gov.uk/government/news/uk-condemns-russian-intelligence-services-over-vaccine-cyber-attacks ..
https://www.ncsc.gov.uk/news/uk-and-allies-expose-russian-attacks-on-coronavirus-vaccine-development ..
https://malpedia.caad.fkie.fraunhofer.de/actor/apt_29

Cybersecurity concerns front and center as online voting expected to shape future elections (17 jul) https://www.helpnetsecurity.com/2020/07/17/cybersecurity-concerns-online-voting/

CERT-SE this week

Vulnerabilities in Cisco PLM Software

Oracle Critical Patch Update

Serious vulnerabilities in Adobe's monthly update for July 2020

More vulnerabilities from Microsoft's Patch Tuesday (July 2020)

BM20-002 - Highly critical vulnerability in Microsoft Windows DNS Server

Critical vulnerability in Microsoft's security update for July 2020

Update regarding an erroneous mailing

Highly critical vulnerability in SAP NetWeaver (updated 2020-07-16)