![[CERT-SE]](/static/img/cert-se.svg)
![[MSB]](/static/img/msb.svg)
Publicerad
CERT-SE:s veckobrev v.41
CERT-SE uppmärksammar att vid användning av publika tjänster för att undersöka potentiellt skadliga filer, finns risk för oönskad informationsspridning. CERT-SE har även uppfattat att det är många som gillar CTF. Förra helgen gick finalen i Midnight Sun CTF av stapeln! Här kan ni spana in resultatet hur de 16 deltagande lagen placerade sig: https://ctf.midnightsunctf.se/dashboard/scoreboard
Nyheter i veckan
Facebook Shut Down Malware That Hijacked Accounts to Run Ads (1 okt)
https://www.wired.com/story/facebook-shut-down-malware-that-hijacked-accounts-to-run-ads/
Cybersäkerhet avgörande för svensk konkurrenskraft (1 okt)
https://entreprenorskapsforum.se/2020/10/01/cybersakerhet-avgorande-for-svensk-konkurrenskraft/
..
Rapport: https://entreprenorskapsforum.se/wp-content/uploads/2020/09/Rapport_Cybersakerhet_Web.pdf
ZeroLogon is now detected by Microsoft Defender for Identity (CVE-2020-1472 exploitation) (1 okt)
https://techcommunity.microsoft.com/t5/microsoft-365-defender/zerologon-is-now-detected-by-microsoft-defender-for-identity-cve/ba-p/1734034
Graphology of an Exploit – Hunting for exploits by looking for the author’s fingerprints (2 okt)
https://research.checkpoint.com/2020/graphology-of-an-exploit-volodya/
Emotet Spoofs DNC in New Attack Campaign (2 okt)
https://www.darkreading.com/threat-intelligence/emotet-spoofs-dnc-in-new-attack-campaign/d/d-id/1339075
..
CISA: Alert (AA20-280A) Emotet Malware (6 okt)
https://us-cert.cisa.gov/ncas/alerts/aa20-280a
Companies that facilitate ransomware payments risk violating US sanctions (2 okt)
https://www.helpnetsecurity.com/2020/10/02/ransomware-us-sanctions/
Utrikesministeriet betalade 10 000 euro till lagliga hackare (2 okt)
https://www.vasabladet.fi/Artikel/Visa/402464
Two North American hospitality merchants hacked in May and June (4 okt)
https://www.zdnet.com/article/two-north-american-hospitality-merchants-hacked-in-may-and-june/
Clinical Trials Hit by Ransomware Attack on Health Tech Firm (3 okt)
https://www.nytimes.com/2020/10/03/technology/clinical-trials-ransomware-attack-drugmakers.html
..
Ransomware Disrupts COVID-19 Medical Trials (5 okt)
https://www.infosecurity-magazine.com/news/ransomware-disrupts-covid19/
New Jersey hospital paid ransomware gang $670K to prevent data leak (3 okt)
https://www.bleepingcomputer.com/news/security/new-jersey-hospital-paid-ransomware-gang-670k-to-prevent-data-leak/
Ransomware victims aren't reporting attacks to police. That's causing a big problem (5 okt)
https://www.zdnet.com/article/ransomware-victims-arent-reporting-attacks-to-police-thats-causing-a-big-problem/
..
Report: https://www.europol.europa.eu/sites/default/files/documents/internet_organised_crime_threat_assessment_iocta_2020.pdf
Suspected Chinese Hackers Unleash Malware That Can Survive OS Reinstalls (5 okt)
https://uk.pcmag.com/security/129035/suspected-chinese-hackers-unleash-malware-that-can-survive-os-reinstalls
PoetRAT: Malware targeting public and private sector in Azerbaijan evolves (6 okt)
https://blog.talosintelligence.com/2020/10/poetrat-update.html
Boom! Hacked page on mobile phone website is stealing customers’ card data (6 okt)
https://arstechnica.com/information-technology/2020/10/boom-hacked-page-on-mobile-phone-website-is-stealing-customers-card-data/
Hackers abuse Windows error service in fileless malware attack (6 okt)
https://www.bleepingcomputer.com/news/security/hackers-abuse-windows-error-service-in-fileless-malware-attack/
This 'invisible' malware is nearly impossible to detect (6 okt)
https://www.techradar.com/news/this-invisible-malware-is-nearly-impossible-to-detect
Release the Kraken: Fileless APT attack abuses Windows Error Reporting service (6 okt)
https://blog.malwarebytes.com/malwarebytes-news/2020/10/kraken-attack-abuses-wer-service/
Waterbear malware used in attack wave against government agencies (8 okt)
https://www.zdnet.com/article/waterbear-malware-used-in-attack-wave-against-government-agencies/
Informationssäkerhet och blandat
Nätfiske i fokus under årets Tänk säkert-kampanj (1 okt)
https://www.msb.se/sv/aktuellt/nyheter/2020/oktober/idag-startar-tank-sakert-kampanjen/
Undersköterska smygläste skjuten patients journal (2 okt)
https://www.expressen.se/kvallsposten/krim/underskoterska-smyglaste-skjuten-patients-journal/
Efter två veckor – e-posthaveriet i Göteborg ännu inte löst (2 okt)
https://computersweden.idg.se/2.2683/1.740520/e-posthaveri-goteborg
Vårdanställd tjuvläste i patientjournaler (3 okt)
https://sverigesradio.se/artikel/7567200
The politics of internet security: Private industry and the future of the web (5 okt)
https://www.atlanticcouncil.org/in-depth-research-reports/report/the-politics-of-internet-security-private-industry-and-the-future-of-the-web/
Så här får arbetsgivare hantera personuppgifter (5 okt)
https://www.datainspektionen.se/nyheter/sa-har-far-arbetsgivare-hantera-personuppgifter/
Excel: Why using Microsoft's tool caused Covid-19 results to be lost (6 okt)
https://www.bbc.com/news/technology-54423988
Nya risker – detta gäller vid hemmajobb (7 okt)
https://www.svd.se/nya-risker--detta-galler-vid-hemmajobb
Alhem: ”Viktigt värna patientsäkerheten och integriteten” (7 okt)
https://www.svt.se/nyheter/lokalt/gavleborg/viktigt-varna-patientsakerheten-och-integriteten
Flera intrång i Region Gävleborgs journalsystem – trots hög säkerhet (7 okt)
https://www.svt.se/nyheter/lokalt/gavleborg/intrang-i-journalsystemen-trots-hog-sakerhet
Stora problem med trygghetslarm i Luleå – 1600 drabbade (9 okt)
https://www.svt.se/nyheter/lokalt/norrbotten/stora-problem-med-trygghetslarm-i-lulea
CERT-SE i veckan
Risk för informationsläckage via publika tjänster för bedömning av filer