![[CERT-SE]](/static/img/cert-se.svg)
![[MSB]](/static/img/msb.svg)
Publicerad
CERT-SE:s veckobrev v.22
61% svarade rätt på frågan "What is phishing?" i Proofpoints "2020 State of the Phish"*. Med det sagt vill CERT-SE vill göra er uppmärksamma på National Phish & Chip Day som äger rum den 7 juni. Ett ypperligt tillfälle att öka medvetenheten om phishing.
Trevlig helg!
Nyheter i veckan
US nuclear weapon bunker security secrets spill from online flashcards since 2013 (28 maj)
https://www.theregister.com/2021/05/28/flashcards_military_nuclear/
Amazon devices will soon automatically share your Internet with neighbors (29 maj)
https://arstechnica.com/gadgets/2021/05/amazon-devices-will-soon-automatically-share-your-internet-with-neighbors/
Biden vill satsa miljarder mot hackerattacker (29 maj)
https://www.di.se/nyheter/biden-vill-satsa-miljarder-mot-hackerattacker/
Interpol intercepts $83 million fighting financial cyber crime (30 maj)
https://www.bleepingcomputer.com/news/security/interpol-intercepts-83-million-fighting-financial-cyber-crime/
Detecting Cobalt Strike and Hancitor traffic in PCAP (31 maj)
https://www.netresec.com/?page=Blog&month=2021-05&post=Detecting-Cobalt-Strike-and-Hancitor-traffic-in-PCAP
Säpo: Underrättelsehoten mot lärosäten ökar (31 maj)
https://www.dn.se/sverige/sapo-underrattelsehoten-mot-larosaten-okar/
Revisiting the NSIS-based crypter (31 maj)
https://blog.malwarebytes.com/threat-analysis/2021/05/revisiting-the-nsis-based-crypter/
Swedish Health Agency discloses hacking attempts (31 maj)
https://securityaffairs.co/wordpress/118440/hacking/swedish-health-agency-cyberattacks.html
Global meat processor JBS shuts part of operation to blunt cyberattack fallout (31 maj)
https://www.scmagazine.com/home/security-news/data-breach/jbs-hit-by-cyberattack-warns-suppliers-and-customers-of-potential-impact/
..
FBI: JBS ransomware attack was carried out by REvil (2 jun)
https://therecord.media/fbi-jbs-ransomware-attack-was-carried-out-by-revil/
Hacking continues to cause major issues across health service (1 jun)
https://www.independent.ie/irish-news/health/hacking-continues-to-cause-major-issues-across-health-service-40489613.html
This new ransomware is targeting unpatched Microsoft Exchange servers (1 jun)
https://www.techradar.com/news/a-new-ransomware-is-targeting-unpatched-microsoft-exchange-servers
US seizes domains used by APT29 in recent USAID phishing attacks (1 jun)
https://www.bleepingcomputer.com/news/security/us-seizes-domains-used-by-apt29-in-recent-usaid-phishing-attacks/
SolarWinds Attacker Novellium Attacks Over 150 Companies with Latest Mass Email Campaign (1 jun)
https://tekdeeps.com/solarwinds-attacker-novellium-attacks-over-150-companies-with-latest-mass-email-campaign/
This scary security flaw could let hackers change contracts you already signed (1 jun)
https://bgr.com/tech/security-flaw-in-pdf-could-let-hackers-change-documents-5928865/
There's a lesson here for us all: A third of healthcare orgs in Sophos survey 'hit with ransomware in 2020' (1 jun)
https://www.theregister.com/2021/06/01/healthcare_orgs_ransomware_sophos/
Colonial Pipeline led to a cyber order for sector operators. Will JBS lead to more? (1 jun)
https://www.scmagazine.com/home/government/colonial-pipeline-led-to-a-cyber-order-will-jbs-lead-to-more/
Are Ransomware Attacks Impeding Criminal Prosecutions? (1 jun)
https://www.bankinfosecurity.com/are-ransomware-attacks-impeding-criminal-prosecutions-a-16781
Privateers: A New Type of Ransomware Syndicate (1 jun)
https://cyware.com/news/privateers-a-new-type-of-ransomware-syndicate-e4693626
How ransomware actors are adding DDoS attacks to their arsenals (2 jun)
https://www.techrepublic.com/article/how-ransomware-actors-are-adding-ddos-attacks-to-their-arsenals/
WebLogic RCE Leads to XMRig (3 jun)
https://thedfirreport.com/2021/06/03/weblogic-rce-leads-to-xmrig/
SharpPanda: Chinese APT Group Targets Southeast Asian Government With Previously Unknown Backdoor (3 jun)
https://research.checkpoint.com/2021/chinese-apt-group-targets-southeast-asian-government-with-previously-unknown-backdoor/
Australia’s cybersecurity agency says it averted more attacks by hackers who crippled Nine (3 jun)
https://www.theguardian.com/australia-news/2021/jun/03/australias-cybersecurity-agency-says-it-averted-more-attacks-by-hackers-who-crippled-nine
Så knäcktes EncroChat av polisen (3 jun)
https://kryptera.se/sa-knacktes-encrochat-av-polisen/
Exclusive-U.S. to give ransomware hacks similar priority as terrorism, official says (3 jun)
https://www.reuters.com/article/cyber-usa-ransomware-idUSL2N2NC1SD
Barn låg bakom it-attack mot Region Gotland (3 jun)
https://www.svd.se/barn-lag-bakom-it-attack-mot-region-gotland
The most destructive cybersecurity threats in 2021 (3 jun)
https://betanews.com/2021/06/03/cybersecurity-threats-2021/
Chinese hackers used Pulse Secure zero day vulnerability to infiltrate MTA systems (3 jun)
https://www.scmagazine.com/home/security-news/data-breach/chinese-hackers-used-pulse-secure-zero-day-vulnerability-to-infiltrate-mta-systems/
Informationssäkerhet och blandat
I quit my job to focus on SerenityOS full time (28 maj)
https://awesomekling.github.io/I-quit-my-job-to-focus-on-SerenityOS-full-time/
Försök till dataintrång orsak till uteblivna uppdateringar (31 maj)
https://sverigesradio.se/artikel/forsok-till-dataintrang-orsak-till-uteblivna-uppdateringar
The site that tells you if you were hacked has partnered with the FBI (31 maj)
https://bgr.com/tech/have-i-been-pwned-service-fbi-integration-5928603/
The human cost of understaffed SOCs (1 jun)
https://www.helpnetsecurity.com/2021/06/01/human-cost-understaffed-socs/
EU Digital COVID Certificate: EU Gateway goes live with seven countries one month ahead of deadline (1 jun)
https://ec.europa.eu/commission/presscorner/detail/en/IP_21_2721
Polis avskedas efter dataintrång (1 jun)
https://sverigesradio.se/artikel/polis-avskedas-efter-dataintrang
The most important point in a cyberattack is before it happens (2 jun)
https://www.helpnetsecurity.com/2021/06/02/cyberattack-moment/
Säpo-agenten och hackaren jobbar tillsammans mot cyberhoten (2 jun)
https://www.dn.se/ekonomi/sapo-agenten-och-hackaren-jobbar-tillsammans-mot-cyberhoten/
Remiss av delrapport om utlämnande av mikrodata till Luxembourg Income Study (LIS) (31 maj)
https://www.regeringen.se/remisser/2021/05/remiss-av-delrapport-om-utlamnande-av-mikrodata-till-luxembourg-income-study-lis-fran-utredningen-om-hushallens-tillgangar-och-skulder/
..
Utlämnande av mikrodata till Luxembourg Income Study (LIS) (29 apr)
https://www.regeringen.se/rapporter/2021/04/utlamnande-av-mikrodata-till-luxembourg-income-study-lis/
..
Delrapport: https://www.regeringen.se/4994fe/contentassets/3de3e1fb2ba54fd69efc63d3da89b916/utlamnande-av-mikrodata-till-luxembourg-income-study-lis.pdf
National Phish & Chip Day – raising awareness of scams
https://www.herts.police.uk/news-and-appeals/national-phish-chip-day-raising-awareness-of-scams-0319all
CERT-SE i veckan
Allvarlig sårbarhet i Lasso påverkar flera single-sign-on-produkter
Sårbarhet i Sonicwall Network Security Manager
[*] 2020 State of the Phish: https://www.proofpoint.com/sites/default/files/gtd-pfpt-us-tr-state-of-the-phish-2020.pdf