CERT-SE's weekly newsletter, week 42
Plenty of ransomware in this week's newsletter. But also a podcast tip, a walkthrough of how an endpoint attack unfolds, and the latest on how the pandemic has affected cybercrime around the world. Plus a few tips on how to create a good password. CERT-SE wishes you a pleasant weekend!
News this week
German tech giant Software AG down after ransomware attack (9 Oct)
https://www.zdnet.com/article/german-tech-giant-software-ag-down-after-ransomware-attack/
Tyler Technologies paid ransomware gang for decryption key (10 Oct)
https://www.bleepingcomputer.com/news/security/tyler-technologies-paid-ransomware-gang-for-decryption-key/
Report: U.S. Cyber Command Behind Trickbot Tricks (10 Oct)
https://krebsonsecurity.com/2020/10/report-u-s-cyber-command-behind-trickbot-tricks/
Cyber Command has sought to disrupt the world’s largest botnet, hoping to reduce its potential impact on the election (10 Oct)
https://www.washingtonpost.com/national-security/cyber-command-trickbot-disrupt/2020/10/09/19587aae-0a32-11eb-a166-dc429b380d10_story.html
The most common malicious email attachments infecting Windows (11 Oct)
https://www.bleepingcomputer.com/news/security/the-most-common-malicious-email-attachments-infecting-windows/
Split-Second ‘Phantom’ Images Can Fool Tesla’s Autopilot (11 Oct)
https://www.wired.com/story/tesla-model-x-autopilot-phantom-images/
Microsoft Takes Down a Risk to the Election, and Finds the U.S. Doing the Same (12 Oct)
https://www.nytimes.com/2020/10/12/us/politics/election-hacking-microsoft.html
The anatomy of an endpoint attack (12 Oct)
https://www.helpnetsecurity.com/2020/10/12/anatomy-of-an-endpoint-attack/
Ransomware Tops 2020 Threat Rankings (12 Oct)
https://www.infosecurity-magazine.com/news/ransomware-tops-2020-threat
Microsoft and Other Tech Companies Take Down TrickBot Botnet (13 Oct)
https://thehackernews.com/2020/10/trickbot-computer-virus.html
--
https://www.zdnet.com/article/trickbot-botnet-survives-takedown-attempt-but-microsoft-sets-new-legal-precedent/
Fake Windows Defender Antivirus Theme Used to Spread QBot (13 Oct)
https://www.tripwire.com/state-of-security/security-data-protection/fake-windows-defender-antivirus-theme-used-to-spread-qbot/
Säpo: Cyber espionage costs billions (13 Oct)
https://www.securityuser.com/se/Nyheter/Samhalle/sapo-cyberspionaget-kostar-miljarder
Office 365: A Favorite for Cyberattack Persistence (13 Oct)
https://threatpost.com/office-365-persistent-cyberattacks/160010/
How the pandemic is changing cybercrime (14 Oct)
https://www.rsa.com/en-us/blog/2020-10/how-the-pandemic-is-changing-cybercrime
Internet Freedom Has Taken a Hit During the Covid-19 Pandemic (14 Oct)
https://www.wired.com/story/internet-freedom-covid-19-2020/
Iranian hackers restart attacks on universities as the new school year begins (14 Oct)
https://www.zdnet.com/article/iranian-hackers-restart-attacks-on-universities-as-the-new-school-year-begins/
Cybercrime increasingly converging towards ransomware, cartel models (14 Oct)
https://www.scmagazine.com/home/security-news/cybercrime/cybercrime-increasingly-converging-towards-ransomware-cartel-models/
As attackers evolve their tactics, continuous cybersecurity education is a must (14 Oct)
https://www.helpnetsecurity.com/2020/10/15/continuous-cybersecurity-education/
Why Do States Publicly Attribute Cyber Intrusions? (14 Oct)
https://www.cfr.org/blog/why-do-states-publicly-attribute-cyber-intrusions
Survey finds that IT departments victimized by ransomware forever changed (14 Oct)
https://www.techrepublic.com/article/survey-finds-that-it-departments-victimized-by-ransomware-forever-changed/
The rise of fearware and how to fight back (14 Oct)
https://www.theregister.com/2020/10/14/fearware_how_to_fight_back/
New archive lets you read messages from the internet's infancy (15 Oct)
https://computersweden.idg.se/2.2683/1.741147/arkiv-usenet-internet
--
https://usenetarchives.com/groups.php?c=utzoo
Self-driving cars can be forced to brake by hijacked billboards (15 Oct)
https://www.zdnet.com/article/self-driving-cars-can-be-forced-to-brake-by-hijacked-billboards/
Interplanetary Storm Botnet Shows Signs of Anonymization-Purpose Proxy-for-Hire Infrastructure (15 Oct)
https://labs.bitdefender.com/2020/10/interplanetary-storm-botnet-shows-signs-of-anonymization-purpose-proxy-for-hire-infrastructure/
“The company is never the same after a ransomware attack” (15 Oct)
https://www.securityuser.com/se/Nyheter/Samhalle/foretaget-blir-aldrig-detsamma-efter-en-ransomewareattack
--
https://www.sophos.com/en-us/medialibrary/pdfs/whitepaper/sophos-cybersecurity-the-human-challenge-wp.pdf
Prolific Cybercrime Group Now Focused on Ransomware (15 Oct)
https://www.darkreading.com/threat-intelligence/prolific-cybercrime-group-now-focused-on-ransomware/d/d-id/1339195
Iran confirms cyberattacks. Silent Librarian is back. Not spies, just crooks. Election disinformation. Content moderation. (15 Oct)
https://thecyberwire.com/newsletters/daily-briefing/9/200
--
https://securityaffairs.co/wordpress/109554/cyber-warfare-2/iran-hit-cyber-attack.html
800,000 SonicWall VPNs vulnerable to new remote code execution bug (16 Oct)
https://www.zdnet.com/article/800000-sonicwall-vpns-vulnerable-to-new-remote-code-execution-bug/
Information security and miscellaneous
Podcast #89: Think securely with MSB (9 Oct)
https://nikkasystems.com/2020/10/09/podd-89-tank-sakert-med-msb/
DHS: Unknown Hackers Targeted The US Census Bureau Network (10 Oct)
https://www.privacy.com.sg/cybersecurity/dhs-unknown-hackers-targeted-the-us-census-bureau-network/
Security expert: Inadequate security routines behind Twitter account breach at SR (12 Oct)
https://www.dn.se/kultur/sakerhetsexperten-bristande-sakerhetsrutiner-bakom-twitterintrang-pa-sr/
Hacking Apple for Profit (12 Oct)
https://www.schneier.com/blog/archives/2020/10/hacking-apple-for-profit.html
Exposing covert surveillance backdoors in children’s smartwatches (12 Oct)
https://www.mnemonic.no/blog/exposing-backdoor-consumer-products
--
https://www.bankinfosecurity.com/backdoor-discovered-in-xplora-childrens-smartwatch-a-15160
Home security cams hacked in Singapore, and stolen footage sold on adult websites (12 Oct)
https://www.bitdefender.com/box/blog/iot-news/home-security-cams-hacked-singapore-stolen-footage-sold-adult-websites/
Half of all virtual appliances have outdated software and serious vulnerabilities (13 Oct)
https://www.csoonline.com/article/3584767/half-of-all-virtual-appliances-have-outdated-software-and-serious-vulnerabilities.html
Norway: Russia behind data breach against the Storting (13 Oct)
https://www.svt.se/nyheter/snabbkollen/norge-ryssland-bakom-dataintrang-mot-stortinget
--
https://www.govinfosecurity.com/norway-alleges-russia-orchestrated-parliament-email-hack-a-15175
--
https://www.aei.org/society-and-culture/regarding-the-aftermath-of-the-norwegian-parliament-hack/
Security expert: How to create a good password (13 Oct)
https://sverigesradio.se/sida/artikel.aspx?programid=128&artikel=7574130
--
Security expert recommends dirty passwords (13 Oct)
https://sverigesradio.se/sida/artikel.aspx?programid=97&artikel=7573708
--
https://blog.zonealarm.com/2020/10/how-to-choose-a-good-password/
Major vulnerabilities found in top virtual appliances (14 Oct)
https://www.hackread.com/vulnerabilities-found-in-top-virtual-appliances/
Documents confirm: Synsam was hacked by extortionists (14 Oct)
https://www.dn.se/ekonomi/dokument-bekraftar-synsam-blev-hackat-av-utpressare/
The G7 expresses its concern over ransomware attacks (14 Oct)
https://securityaffairs.co/wordpress/109471/security/g7-concern-ransomware-attacks.html
COVID-19 security tips: Ensure you sack your staff without leaving their IT access enabled, says Secureworks (15 Oct)
https://www.theregister.com/2020/10/15/secureworks_report/
--
https://www.secureworks.com/resources/rp-effect-covid19-incident-response
Beware COVID-19 Charity Fraudsters, Warns the FBI (15 Oct)
https://hotforsecurity.bitdefender.com/blog/beware-covid-19-charity-fraudsters-warns-the-fbi-24328.html
CERT-SE this week
Critical vulnerability affects SAP products
Vulnerability from Microsoft's Patch Tuesday is being actively exploited (Bad Neighbor)
Microsoft's and Adobe's monthly security updates for October
Serious vulnerability in Cisco Webex Teams for Windows clients