Som du ser är vår webbplats inte anpassad för äldre webbläsare. Vi rekommenderar att du uppgraderar till en nyare webbläsare.
!!

Vi söker junior IT-säkerhetsspecialist och deskmedarbetare hos CERT-SE, centrala roller i arbetet med att utveckla Sveriges förmåga att hantera it-incidenter. Sista ansökningsdag är den 8 augusti.

Publicerad - Veckobrev

CERT-SE:s veckobrev v.13

Ransomware, cyberattacker eller sårbara system. Som försvarare i den här branschen får man inte vara en kyckling.
Här kommer i alla fall CERT-SE:s påskägg med både läsning och pyssel.

Ta chansen och lös ett krypto! Påskpyssel från FRA!

Glad påsk önskar CERT-SE!

Nyheter i veckan

Credit Card Hacking Forum Gets Hacked, Exposing 300,000 Hackers’ Accounts (25 mar)
https://www.vice.com/en/article/v7m9jx/credit-card-hacking-forum-gets-hacked-exposing-300000-hackers-accounts

Microsoft Offers Up To $30K For Teams Bugs (25 mar)
https://threatpost.com/microsoft-30k-teams-bugs/165037/

Ransomware gang urges victims’ customers to demand a ransom payment (26 mar)
https://www.bleepingcomputer.com/news/security/ransomware-gang-urges-victims-customers-to-demand-a-ransom-payment/

New 5G protocol vulnerabilities allow location tracking (26 mar)
https://therecord.media/new-5g-protocol-vulnerabilities-allow-location-tracking/

New Advanced Android Malware Posing as “System Update” (26 mar)
https://blog.zimperium.com/new-advanced-android-malware-posing-as-system-update/

How Old Breaches Fuel New Identity Crimes (27 mar)
https://www.govinfosecurity.com/how-old-breaches-fuel-new-identity-crimes-a-16280

German Parliament Sustains Another Attack (27 mar)
https://www.govinfosecurity.com/german-parliament-sustains-another-attack-a-16282

Apple releases emergency update for iPhones, iPads, and Apple Watch (27 mar)
https://www.zdnet.com/article/apple-releases-emergency-update-for-iphones-ipads-and-apple-watch/

Australian TV station Channel 9 misses broadcasts after cyber-attack (28 mar)
https://therecord.media/australian-tv-station-channel-9-misses-broadcasts-after-cyber-attack/

No, I Did Not Hack Your MS Exchange Server (28 mar)
https://krebsonsecurity.com/2021/03/no-i-did-not-hack-your-ms-exchange-server/

Cyber insurance giant CNA hit by ransomware attack (28 mar)
https://grahamcluley.com/cyber-insurance-giant-cna-hit-by-ransomware-attack/

Critical netmask networking bug impacts thousands of applications (28 mar)
https://www.bleepingcomputer.com/news/security/critical-netmask-networking-bug-impacts-thousands-of-applications/

Changes to Git commit workflow (28 mar)
https://news-web.php.net/php.internals/113838

Universal “netmask” npm package, used by 270,000+ projects, vulnerable to octal input data: ... (28 mar)
https://sick.codes/universal-netmask-npm-package-used-by-270000-projects-vulnerable-to-octal-input-data-server-side-request-forgery-remote-file-inclusion-local-file-inclusion-and-more-cve-2021-28918/

Hades Ransomware Linked to Hafnium and Exchange Attacks (29 mar)
https://www.infosecurity-magazine.com/news/hades-ransomware-linked-hafnium/

A Verizon security expert on why 5G is raising the bar for cyber defenders (29 mar)
https://therecord.media/a-verizon-security-expert-on-why-5g-is-raising-the-bar-for-cyber-defenders/

Sodinokibi (aka REvil) Ransomware (29 mar)
https://thedfirreport.com/2021/03/29/sodinokibi-aka-revil-ransomware/

London’s biggest school trust hit by ransomware (29 mar)
https://therecord.media/londons-biggest-school-trust-hit-by-ransomware/

AP sources: SolarWinds hack got emails of top DHS officials (29 mar)
https://apnews.com/article/solarwinds-hack-email-top-dhs-officials-8bcd4a4eb3be1f8f98244766bae70395

PHP Infiltrated with Backdoor Malware (29 mar)
https://threatpost.com/php-infiltrated-backdoor-malware/165061/

Targeted email attacks are on the rise (30 mar)
https://www.itproportal.com/news/targeted-email-attacks-are-on-the-rise/

Stor säkerhetslucka i Stockholms stads it-system – sårbart för attacker (30 mar)
https://www.nyteknik.se/digitalisering/stor-sakerhetslucka-i-stockholms-stads-it-system-sarbart-for-attacker-7012123

APT10: sophisticated multi-layered loader Ecipekac discovered in A41APT campaign (30 mar)
https://securelist.com/apt10-sophisticated-multi-layered-loader-ecipekac-discovered-in-a41apt-campaign/101519/

Whistleblower: Ubiquiti Breach “Catastrophic” (30 mar)
https://krebsonsecurity.com/2021/03/whistleblower-ubiquiti-breach-catastrophic/

Akamai Sees Largest DDoS Extortion Attack Known to Date (30 mar)
https://www.securityweek.com/akamai-sees-largest-ddos-extortion-attack-known-date

APT Charming Kitten Pounces on Medical Researchers (31 mar)
https://threatpost.com/charming-kitten-pounces-on-researchers/165129/

Hackers are implanting multiple backdoors at industrial targets in Japan (31 mar)
https://thehackernews.com/2021/03/hackers-are-implanting-multiple.html

informationssäkerhet och blandat

Cybersecurity Framework Election Infrastructure Profile
https://csrc.nist.gov/publications/detail/nistir/8310/draft

Integritetsincidenterna ökar för fjärde året i rad (28 mar)
https://www.telekomnyheterna.se/pub2/viewArticle?articleId=58952

HOWTO backdoor curl (30 mar)
https://daniel.haxx.se/blog/2021/03/30/howto-backdoor-curl/

What is cyber risk quantification, and why is it important? (30 mar)
https://www.techrepublic.com/article/what-is-cyber-risk-quantification-and-why-is-it-important/

Tips for robotics developers (30 mar)
https://www.techrepublic.com/videos/tips-for-robotic-developers/

10 pioneering women in information security (30 mar)
https://www.csoonline.com/article/3613418/10-pioneering-women-in-information-security.html

FI vill att störningar i Swish följs upp och rapporteras (31 mar)
https://www.fi.se/sv/publicerat/nyheter/2021/fi-vill-att-storningar-i-swish-foljs-upp-och-rapporteras/

Undersökning av informations- och cybersäkerhet (31 mar)
https://www.fi.se/sv/publicerat/undersokningar/undersokningar-lista/2021/undersokning-av-informations--och-cybersakerhet/

Ekot: Svenska medborgare i läckt kinesisk övervakningsdatabas (1 apr)
https://www.dn.se/varlden/ekot-svenska-medborgare-i-lackt-kinesisk-overvakningsdatabas/

CERT-SE i veckan

Sårbarhet i Apache SpamAssassin