CERT-SE:s veckobrev v.8
I slutet på årets kortaste månad kommer här ett ganska långt veckobrev. Den här veckan handlar många av artiklarna om olika angrepp både i vårt närområde och på andra kontinenter. Det blir såklart lite ransomware, rapporter och annat smått och gott med.
Trevlig helg önskar CERT-SE!
Nyheter i veckan
Telephony Denial of Service Attacks Can Disrupt Emergency Call Center Operations (17 feb) https://www.ic3.gov/Media/Y2021/PSA210217
Clipping Silver Sparrow’s wings: Outing macOS malware before it takes flight (18 feb) https://redcanary.com/blog/clipping-silver-sparrows-wings/
Regionens hemsida utsatt för överbelastnings-attack - nu saknas uppdateringar (19 feb) https://sverigesradio.se/artikel/regionens-hemsida-utsatt-for-overbelastnings-attack-nu-saknas-uppdateringar
Virtual passport app presents real data risk, experts warn (22 feb) https://www.cbc.ca/news/canada/ottawa/passport-application-online-program-1.5920625
Clubhouse Chats Are Breached, Raising Concerns Over Security (22 feb) https://www.bloomberg.com/news/articles/2021-02-22/clubhouse-chats-are-breached-raising-concerns-over-security
China Hijacked an NSA Hacking Tool in 2014—and Used It for Years (22 feb) https://www.wired.com/story/china-nsa-hacking-tool-epme-hijack/
Why we can expect another SolarWinds attack (22 feb) https://www.scmagazine.com/perspectives/why-we-can-expect-another-solarwinds-attack/
Clop ransomware gang leaks online what looks like stolen Bombardier blueprints of GlobalEye radar snoop jet (23 feb) https://www.theregister.com/2021/02/23/bombardier_clop_ransomware_leaks/
FireEye and Microsoft execs, senators dissect mandatory breach disclosure in wake of SolarWinds (23 feb) https://www.scmagazine.com/home/security-news/government-and-defense/fireeye-and-microsoft-execs-senators-dissect-mandatory-breach-disclosure-in-wake-of-solarwinds/
Remote learning made universities more vulnerable to cyberattacks (23 feb) https://edscoop.com/bluevoyant-university-cyberattacks-ransomware-report/
Bank-id låg nere efter attack (23 feb) https://www.svt.se/nyheter/inrikes/bank-id-ligger-nere-1
Indian Railways suffers unspecified security ‘breaches in various IT applications’ (24 feb) https://www.theregister.com/2021/02/24/indian_railways_admits_multiple_breaches/
Kommunens sajt utsatt för attack (24 feb) https://sverigesradio.se/artikel/kommunens-sajt-utsatt-for-attack
Smith: Tusen personer krävdes i Solarwindshack (24 feb) https://www.dn.se/ekonomi/smith-tusen-personer-kravdes-i-solarwindshack/
Most businesses see state-sponsored cyberattacks as a major threat (24 feb) https://www.helpnetsecurity.com/2021/02/24/state-sponsored-cyberattacks/
U.S. municipalities are the perfect target for cybercriminals in 2021 (24 feb) https://www.helpnetsecurity.com/2021/02/24/cybercriminals-target-municipalities/
The NCCC at the NSDC of Ukraine warns of a cyberattack on the document management system of state bodies (24 feb) https://www.rnbo.gov.ua/en/Diialnist/4823.html
Online Trackers Increasingly Switching to Invasive CNAME Cloaking Technique (24 feb) https://thehackernews.com/2021/02/online-trackers-increasingly-switching.html
These four new hacking groups are targeting critical infrastructure, warns security company (25 feb) https://www.zdnet.com/article/these-four-new-hacking-groups-are-targeting-critical-infrastructure-warns-security-company/
Hotbilden mot Sverige har blivit alltmer komplex (25 feb) https://www.forsvarsmakten.se/sv/aktuellt/2021/02/hotbilden-mot-sverige-har-blivit-alltmer-komplex/
Myndigheter lovar anonymitet – men skickar ip-adresser till Google (26 feb) https://sverigesradio.se/artikel/myndigheter-lovar-anonymitet-men-skickar-ip-adresser-till-google
Stockholm stoppar alternativa appen för Skolplattformen (26 feb) https://www.dn.se/sthlm/stockholm-stoppar-alternativa-appen-for-skolplattformen/
Cyber gang hacks into Oxford University’s Covid-19 lab (26 feb) https://www.cityam.com/cyber-gang-hacks-into-oxford-universitys-covid-19-lab/
Informationssäkerhet och blandat
The modern packager’s security nightmare (19 feb) https://blogs.gentoo.org/mgorny/2021/02/19/the-modern-packagers-security-nightmare/
Database encryption: Protecting the crown jewels (22 feb) https://www.helpnetsecurity.com/2021/02/22/database-encryption/
IBM Security Report: Attacks on Industries Supporting COVID-19 Response Efforts Double (24 feb) https://newsroom.ibm.com/2021-02-24-IBM-Security-Report-Attacks-on-Industries-Supporting-COVID-19-Response-Efforts-Double
Potential Accellion File Transfer Appliance compromise (25 feb) https://www.cyber.gov.au/acsc/view-all-content/alerts/potential-accellion-file-transfer-appliance-compromise
From WHOIS to WHOWAS: A Large-ScaleMeasurement Study of Domain Registration Privacyunder the GDPR https://www.ndss-symposium.org/wp-content/uploads/ndss2021_2A-2_23134_paper.pdf