CERT-SE's weekly newsletter, week 43
This week CERT-SE offers, among other things, a bit of ransomware and a bit of DDoS. There are also a couple of reports, a few incidents and a few other assorted items.
CERT-SE wishes you a pleasant weekend!
News this week
Interplanetary Storm Botnet Shows Signs of Anonymization-Purpose Proxy-for-Hire Infrastructure (15 Oct)
https://securityboulevard.com/2020/10/interplanetary-storm-botnet-shows-signs-of-anonymization-purpose-proxy-for-hire-infrastructure/
New Emotet attacks use fake Windows Update lures (15 Oct)
https://www.zdnet.com/article/new-emotet-attacks-use-fake-windows-update-lures/
ThunderX Ransomware rebrands as Ranzy Locker, adds data leak site (16 Oct)
https://www.bleepingcomputer.com/news/security/thunderx-ransomware-rebrands-as-ranzy-locker-adds-data-leak-site/
Exponential growth in DDoS attack volumes (16 Oct)
https://cloud.google.com/blog/products/identity-security/identifying-and-protecting-against-the-largest-ddos-attacks
Hackers now abuse BaseCamp for free malware hosting (17 Oct)
https://www.bleepingcomputer.com/news/security/hackers-now-abuse-basecamp-for-free-malware-hosting/
Ryuk in 5 Hours (18 Oct)
https://thedfirreport.com/2020/10/18/ryuk-in-5-hours/
This new malware uses remote overlay attacks to hijack your bank account (19 Oct)
https://www.zdnet.com/article/this-new-malware-uses-remote-overlay-attacks-to-hijack-your-bank-account/
Three reasons the ‘moving target defense’ can stop bot attacks (19 Oct)
https://www.scmagazine.com/perspectives/three-reasons-the-moving-target-defense-can-stop-bot-attacks/
GravityRAT: The spy returns (19 Oct)
https://securelist.com/gravityrat-the-spy-returns/
When you tell Chrome to wipe private data about you, it spares two websites from the purge: Google.com, YouTube (19 Oct)
https://www.theregister.com/2020/10/19/google_cookie_wipe/
$1M Cyber Resiliency Fund launched to support security operations impacted by pandemic (19 Oct)
https://www.scmagazine.com/home/sc-corporate-news/1m-cyber-resiliency-fund-launched-to-support-security-operations-impacted-by-pandemic/
A Closer Look at the Attempted Ransomware Attack on Tesla (19 Oct)
https://securityboulevard.com/2020/10/a-closer-look-at-the-attempted-ransomware-attack-on-tesla/
Microsoft is Most Imitated Brand for Phishing Attempts in Q3 2020 (19 Oct)
https://www.checkpoint.com/press/2020/microsoft-is-most-imitated-brand-for-phishing-attempts-in-q3-2020/
Six Russian GRU Officers Charged in Connection with Worldwide Deployment of Destructive Malware and Other Disruptive Actions in Cyberspace (19 Oct)
https://www.justice.gov/opa/pr/six-russian-gru-officers-charged-connection-worldwide-deployment-destructive-malware-and
UK and partners condemn GRU cyber attacks against Olympic and Paralympic Games (19 Oct)
https://www.ncsc.gov.uk/news/uk-and-partners-condemn-gru-cyber-attacks-against-olympic-an-paralympic-games
Mysterious 'Robin Hood' hackers donating stolen money (20 Oct)
https://www.bbc.com/news/technology-54591761
Is poor cyber hygiene crippling your security program? (20 Oct)
https://www.helpnetsecurity.com/2020/10/20/vulnerabilities-remote-work/
An update on disruption of Trickbot (20 Oct)
https://blogs.microsoft.com/on-the-issues/2020/10/20/trickbot-ransomware-disruption-update/
Cyberattack against Badanstalten (21 Oct)
https://www.stromstadstidning.se/nyheter/str%C3%B6mstad/cyberattack-mot-badanstalten-1.35866211
SVT reveals: Serious flaws in personal safety alarms – municipalities were not informed (22 Oct)
https://www.svt.se/nyheter/inrikes/svt-avslojar-allvarliga-brister-i-trygghetslarm-kommuner-informerades-inte
MobileIron enterprise MDM servers under attack from DDoS gangs, nation-states (21 Oct)
https://www.zdnet.com/article/mobileiron-enterprise-mdm-servers-under-attack-from-ddos-gangs-nation-states/
MMO game Street Mobster leaking data of 1.9 million users due to critical vulnerability (21 Oct)
https://cybernews.com/security/street-mobster-game-leaking-data-of-2-million-players/
Unsecured Voice Transcripts Expose Health Data - Again (21 Oct)
https://www.govinfosecurity.com/unsecured-voice-transcripts-expose-health-data-again-a-15219
Information security and miscellaneous
Opinion: How Ransomware Puts Your Hospital at Risk (17 Oct)
https://www.nytimes.com/2020/10/17/opinion/hospital-internet-security-ransomware.html
Here soldiers learn to hack in order to prevent cyberattacks (19 Oct)
https://universitetslararen.se/2020/10/19/har-lar-sig-soldater-hacka-for-att-hindra-cyberattacker/
Here’s a five-step security plan for industrial environments (20 Oct)
https://www.scmagazine.com/perspectives/heres-a-five-step-cybersecurity-plan-for-industrial-environments/
Deepfake bots on Telegram make the work of creating fake nudes dangerously easy (20 Oct)
https://www.theverge.com/2020/10/20/21519322/deepfake-fake-nudes-telegram-bot-deepnude-sensity-report
How their personal data is handled matters to individuals (20 Oct)
https://www.datainspektionen.se/nyheter/viktigt-for-enskilda-hur-deras-personuppgifter-hanteras/
EU Threat Landscape Report: Cyber attacks are becoming more sophisticated, targeted and widespread (20 Oct)
https://ec.europa.eu/digital-single-market/en/news/eu-threat-landscape-report-cyber-attacks-are-becoming-more-sophisticated-targeted-and
CERT-EU: Direct Threats to EU Institutions, Bodies and Agencies
https://media.cert.europa.eu/static/MEMO/2020/TLP-WHITE-2020Q3-Threat_Landscape_Report-Executive-Summary-v1.0.pdf