Som du ser är vår webbplats inte anpassad för äldre webbläsare. Vi rekommenderar att du uppgraderar till en nyare webbläsare.
!!

CERT-SE firar årets cybersäkerhetsmånad med en utmaning/challenge som vänder sig till alla med it-säkerhetsintresse.

Publicerad - Veckobrev

CERT-SE:s veckobrev v.37

På kebabens dag bjuder även CERT-SE på matnyttig information. Trevlig helg önskar CERT-SE!

Nyheter i veckan

Visa Security Alert - ‘Baka’ JavaScript Skimmer Identified (aug)
https://usa.visa.com/content/dam/VCOM/global/support-legal/documents/visa-security-alert-baka-javascript-skimmer.pdf

Windows 10 themes can be abused to steal Windows passwords (7 sep)
https://www.bleepingcomputer.com/news/microsoft/windows-10-themes-can-be-abused-to-steal-windows-passwords/

Amiga Fast File System makes minor comeback in new Linux kernel (7 sep)
https://www.theregister.com/2020/09/07/linux_5_9_rc_4/

Hackers stole 738 GB of data from Australian government agency (7 sep)
https://www.hackread.com/hackers-stole-738-gb-data-australian-government-agency/

DoppelPaymer ransomware hits Newcastle University, leaks data (7 sep)
https://www.bleepingcomputer.com/news/security/doppelpaymer-ransomware-hits-newcastle-university-leaks-data/

Netwalker ransomware hits Pakistan's largest private power utility (8 sep)
https://www.bleepingcomputer.com/news/security/netwalker-ransomware-hits-pakistans-largest-private-power-utility/

France, Japan, New Zealand warn of sudden spike in Emotet attacks (8 sep)
https://www.zdnet.com/article/france-japan-new-zealand-warn-of-sudden-spike-in-emotet-attacks/

European web hosting provider suffers multiple Tbps DDoS attacks (8 sep)
https://www.techradar.com/news/european-web-hosting-provider-suffers-multiple-tbps-ddos-attacks

Researchers Spot First Cloud Attack Abusing Legitimate Tool (8 sep)
https://www.securityweek.com/researchers-spot-first-cloud-attack-abusing-legitimate-tool

Acronis Cyber Readiness Report: Pandemic reveals cybersecurity gaps, need for new solutions (9 sep)
https://www.acronis.com/en-us/blog/posts/acronis-cyber-readiness-report-pandemic-reveals-cybersecurity-gaps-need-new-solutions

BLURtooth vulnerability lets attackers overwrite Bluetooth authentication keys (9 sep)
https://www.zdnet.com/article/blurtooth-vulnerability-lets-attackers-overwrite-bluetooth-authentication-keys/

New Raccoon Attack Can Allow Decryption of TLS Connections (10 sep)
https://www.securityweek.com/new-raccoon-attack-can-allow-decryption-tls-connections

New CDRThief malware steals VoIP metadata from Linux softswitches (10 sep)
https://www.bleepingcomputer.com/news/security/new-cdrthief-malware-steals-voip-metadata-from-linux-softswitches/

Hackers Stole $5.4 Million From Eterbase Cryptocurrency Exchange (10 sep)
https://thehackernews.com/2020/09/hackers-stole-cryptocurrencies.html

New cyberattacks targeting U.S. elections (10 sep)
https://blogs.microsoft.com/on-the-issues/2020/09/10/cyberattacks-us-elections-trump-biden/

An overview of targeted attacks and APTs on Linux (10 sep)
https://securelist.com/an-overview-of-targeted-attacks-and-apts-on-linux/98440/

Zoom rolls out two-factor authentication for all accounts (11 sep)
https://www.engadget.com/zoom-rolls-out-twofactor-video-call-authentication-for-all-accounts-084536539.html

Informationssäkerhet och blandat

A tale of two cybers - how threat reporting by cybersecurity firms systematically underrepresents threats to civil society (11 jun)
https://www.tandfonline.com/doi/full/10.1080/19331681.2020.1776658

Cybersäkerhet - En kartläggning av Sveriges nuläge 2020 och framtidsutsikter för branschen (jun)
https://linkopingsciencepark.se/wp-content/uploads/2020/08/cybersaxxkerhet-linkoping-sciencepark2020.pdf

Bitdefender - Mid-Year Threat Landscape Report 2020
https://www.bitdefender.com/files/News/CaseStudies/study/366/Bitdefender-Mid-Year-Threat-Landscape-Report-2020.pdf

Ny vägledning klargör gränser och skyldigheter för ansvariga och biträden (9 sep)
https://www.datainspektionen.se/nyheter/ny-vagledning-klargor-granser-och-skyldigheter-for-ansvariga-och-bitraden/

Debatt: ”Sverige måste satsa mer på cybersäkerhet” (10 sep)
https://www.nyteknik.se/opinion/sverige-maste-satsa-mer-pa-cybersakerhet-7000899

NSA Prepares Unclassified Threat Reports — From Home (10 sep)
https://breakingdefense.com/2020/09/nsa-prepares-unclassified-threat-reports-from-home/

CERT-SE i veckan

Sårbarhet i Intel Active Management Technology (AMT) samt Intel Standard Manageability (ISM)

Kritisk sårbarhet i PAN-OS

Microsofts månatliga säkerhetsuppdateringar för september