Som du ser är vår webbplats inte anpassad för äldre webbläsare. Vi rekommenderar att du uppgraderar till en nyare webbläsare.
!!

Vi söker chef till Enheten för operativ cybersäkerhetsförmåga, en viktig roll i arbetet med att utveckla Sveriges förmåga att förebygga och hantera it-incidenter. Sista ansökningsdag är den 19 oktober.

Publicerad - Veckobrev

CERT-SE:s veckobrev v.22

61% svarade rätt på frågan "What is phishing?" i Proofpoints "2020 State of the Phish"*. Med det sagt vill CERT-SE vill göra er uppmärksamma på National Phish & Chip Day som äger rum den 7 juni. Ett ypperligt tillfälle att öka medvetenheten om phishing.

Trevlig helg!

Nyheter i veckan

US nuclear weapon bunker security secrets spill from online flashcards since 2013 (28 maj)
https://www.theregister.com/2021/05/28/flashcards_military_nuclear/

Amazon devices will soon automatically share your Internet with neighbors (29 maj)
https://arstechnica.com/gadgets/2021/05/amazon-devices-will-soon-automatically-share-your-internet-with-neighbors/

Biden vill satsa miljarder mot hackerattacker (29 maj)
https://www.di.se/nyheter/biden-vill-satsa-miljarder-mot-hackerattacker/

Interpol intercepts $83 million fighting financial cyber crime (30 maj)
https://www.bleepingcomputer.com/news/security/interpol-intercepts-83-million-fighting-financial-cyber-crime/

Detecting Cobalt Strike and Hancitor traffic in PCAP (31 maj)
https://www.netresec.com/?page=Blog&month=2021-05&post=Detecting-Cobalt-Strike-and-Hancitor-traffic-in-PCAP

Säpo: Underrättelsehoten mot lärosäten ökar (31 maj)
https://www.dn.se/sverige/sapo-underrattelsehoten-mot-larosaten-okar/

Revisiting the NSIS-based crypter (31 maj)
https://blog.malwarebytes.com/threat-analysis/2021/05/revisiting-the-nsis-based-crypter/

Swedish Health Agency discloses hacking attempts (31 maj)
https://securityaffairs.co/wordpress/118440/hacking/swedish-health-agency-cyberattacks.html

Global meat processor JBS shuts part of operation to blunt cyberattack fallout (31 maj)
https://www.scmagazine.com/home/security-news/data-breach/jbs-hit-by-cyberattack-warns-suppliers-and-customers-of-potential-impact/
..
FBI: JBS ransomware attack was carried out by REvil (2 jun)
https://therecord.media/fbi-jbs-ransomware-attack-was-carried-out-by-revil/

Hacking continues to cause major issues across health service (1 jun)
https://www.independent.ie/irish-news/health/hacking-continues-to-cause-major-issues-across-health-service-40489613.html

This new ransomware is targeting unpatched Microsoft Exchange servers (1 jun)
https://www.techradar.com/news/a-new-ransomware-is-targeting-unpatched-microsoft-exchange-servers

US seizes domains used by APT29 in recent USAID phishing attacks (1 jun)
https://www.bleepingcomputer.com/news/security/us-seizes-domains-used-by-apt29-in-recent-usaid-phishing-attacks/

SolarWinds Attacker Novellium Attacks Over 150 Companies with Latest Mass Email Campaign (1 jun)
https://tekdeeps.com/solarwinds-attacker-novellium-attacks-over-150-companies-with-latest-mass-email-campaign/

This scary security flaw could let hackers change contracts you already signed (1 jun)
https://bgr.com/tech/security-flaw-in-pdf-could-let-hackers-change-documents-5928865/

There's a lesson here for us all: A third of healthcare orgs in Sophos survey 'hit with ransomware in 2020' (1 jun)
https://www.theregister.com/2021/06/01/healthcare_orgs_ransomware_sophos/

Colonial Pipeline led to a cyber order for sector operators. Will JBS lead to more? (1 jun)
https://www.scmagazine.com/home/government/colonial-pipeline-led-to-a-cyber-order-will-jbs-lead-to-more/

Are Ransomware Attacks Impeding Criminal Prosecutions? (1 jun)
https://www.bankinfosecurity.com/are-ransomware-attacks-impeding-criminal-prosecutions-a-16781

Privateers: A New Type of Ransomware Syndicate (1 jun)
https://cyware.com/news/privateers-a-new-type-of-ransomware-syndicate-e4693626

How ransomware actors are adding DDoS attacks to their arsenals (2 jun)
https://www.techrepublic.com/article/how-ransomware-actors-are-adding-ddos-attacks-to-their-arsenals/

WebLogic RCE Leads to XMRig (3 jun)
https://thedfirreport.com/2021/06/03/weblogic-rce-leads-to-xmrig/

SharpPanda: Chinese APT Group Targets Southeast Asian Government With Previously Unknown Backdoor (3 jun)
https://research.checkpoint.com/2021/chinese-apt-group-targets-southeast-asian-government-with-previously-unknown-backdoor/

Australia’s cybersecurity agency says it averted more attacks by hackers who crippled Nine (3 jun)
https://www.theguardian.com/australia-news/2021/jun/03/australias-cybersecurity-agency-says-it-averted-more-attacks-by-hackers-who-crippled-nine

Så knäcktes EncroChat av polisen (3 jun)
https://kryptera.se/sa-knacktes-encrochat-av-polisen/

Exclusive-U.S. to give ransomware hacks similar priority as terrorism, official says (3 jun)
https://www.reuters.com/article/cyber-usa-ransomware-idUSL2N2NC1SD

Barn låg bakom it-attack mot Region Gotland (3 jun)
https://www.svd.se/barn-lag-bakom-it-attack-mot-region-gotland

The most destructive cybersecurity threats in 2021 (3 jun)
https://betanews.com/2021/06/03/cybersecurity-threats-2021/

Chinese hackers used Pulse Secure zero day vulnerability to infiltrate MTA systems (3 jun)
https://www.scmagazine.com/home/security-news/data-breach/chinese-hackers-used-pulse-secure-zero-day-vulnerability-to-infiltrate-mta-systems/

Informationssäkerhet och blandat

I quit my job to focus on SerenityOS full time (28 maj)
https://awesomekling.github.io/I-quit-my-job-to-focus-on-SerenityOS-full-time/

Försök till dataintrång orsak till uteblivna uppdateringar (31 maj)
https://sverigesradio.se/artikel/forsok-till-dataintrang-orsak-till-uteblivna-uppdateringar

The site that tells you if you were hacked has partnered with the FBI (31 maj)
https://bgr.com/tech/have-i-been-pwned-service-fbi-integration-5928603/

The human cost of understaffed SOCs (1 jun)
https://www.helpnetsecurity.com/2021/06/01/human-cost-understaffed-socs/

EU Digital COVID Certificate: EU Gateway goes live with seven countries one month ahead of deadline (1 jun)
https://ec.europa.eu/commission/presscorner/detail/en/IP_21_2721

Polis avskedas efter dataintrång (1 jun)
https://sverigesradio.se/artikel/polis-avskedas-efter-dataintrang

The most important point in a cyberattack is before it happens (2 jun)
https://www.helpnetsecurity.com/2021/06/02/cyberattack-moment/

Säpo-agenten och hackaren jobbar tillsammans mot cyberhoten (2 jun)
https://www.dn.se/ekonomi/sapo-agenten-och-hackaren-jobbar-tillsammans-mot-cyberhoten/

Remiss av delrapport om utlämnande av mikrodata till Luxembourg Income Study (LIS) (31 maj)
https://www.regeringen.se/remisser/2021/05/remiss-av-delrapport-om-utlamnande-av-mikrodata-till-luxembourg-income-study-lis-fran-utredningen-om-hushallens-tillgangar-och-skulder/
..
Utlämnande av mikrodata till Luxembourg Income Study (LIS) (29 apr)
https://www.regeringen.se/rapporter/2021/04/utlamnande-av-mikrodata-till-luxembourg-income-study-lis/
..
Delrapport: https://www.regeringen.se/4994fe/contentassets/3de3e1fb2ba54fd69efc63d3da89b916/utlamnande-av-mikrodata-till-luxembourg-income-study-lis.pdf

National Phish & Chip Day – raising awareness of scams
https://www.herts.police.uk/news-and-appeals/national-phish-chip-day-raising-awareness-of-scams-0319all

CERT-SE i veckan

Allvarlig sårbarhet i Lasso påverkar flera single-sign-on-produkter

Sårbarhet i Sonicwall Network Security Manager

[*] 2020 State of the Phish: https://www.proofpoint.com/sites/default/files/gtd-pfpt-us-tr-state-of-the-phish-2020.pdf