CERT-SE's weekly newsletter, week 23
This week's reports include the disruptions that made parts of the internet unavailable, ransomware against the UK education sector, and the largest password leak to date. On a happier note, parts of the ransom from the attack on Colonial Pipeline have been recovered.
CERT-SE wishes you pleasant reading and a nice weekend!
News this week
Government action on ransomware epidemic gathers pace (4 Jun) https://www.computerweekly.com/news/252501907/Government-action-on-ransomware-epidemic-gathers-pace
Swedish healthcare is poorly equipped against cyberattacks (4 Jun) (Behind paywall) https://www.etc.se/inrikes/svensk-sjukvard-ar-daligt-rustad-mot-cyberattacker
Alert: Further ransomware attacks on the UK education sector by cyber criminals (4 Jun) https://www.ncsc.gov.uk/news/alert-targeted-ransomware-attacks-on-uk-education-sector
US Justice Department accuses Latvian national of deploying Trickbot malware (7 Jun) https://www.zdnet.com/article/us-justice-department-accuses-latvian-national-of-creating-and-deploying-trickbot-malware/
Military Vehicles Maker Navistar Reports Data-Theft Cyberattack (7 Jun) https://www.securityweek.com/military-vehicles-maker-navistar-reports-data-theft-cyberattack
First on CNN: US recovers millions in cryptocurrency paid to Colonial Pipeline ransomware hackers (7 Jun) https://edition.cnn.com/2021/06/07/politics/colonial-pipeline-ransomware-recovered/index.html .. Police have managed to recover parts of the ransom for hacked oil pipeline (7 Jun) https://www.dn.se/varlden/polisen-har-lyckats-aterfa-delar-av-losensumma-for-hackad-oljeledning/
RockYou2021: largest password compilation of all time leaked online with 8.4 billion entries (7 Jun) https://cybernews.com/security/rockyou2021-alltime-largest-password-compilation-leaked/ .. Largest collection of passwords ever has been leaked online (9 Jun) https://www.techradar.com/news/largest-collection-of-passwords-ever-has-been-leaked-online
Cyber defenses again on high alert (8 Jun) https://www.controlglobal.com/articles/2021/cyber-defenses-again-on-high-alert/
Dozens of Dutch gov’t websites not properly secured: report (9 Jun) https://nltimes.nl/2021/06/09/dozens-dutch-govt-websites-properly-secured-report
ANOM: Hundreds arrested in massive global crime sting using messaging app (9 Jun) https://www.bbc.com/news/world-57394831
Avanza leaked customer data to Facebook for over a year (9 Jun) https://sverigesradio.se/artikel/avanza-lackte-kunduppgifter-till-facebook-i-over-ett-ar
Microsoft Exchange Server vulnerabilities, ransomware lead spring 2021 cyberattack trends (10 Jun) https://www.techrepublic.com/article/microsoft-exchange-server-vulnerabilities-ransomware-lead-spring-2021-cyberattack-trends/
EA hacked: game developer robbed of source code (10 Jun) https://www.dn.se/varlden/ea-hackat-spelutvecklaren-besluten-pa-kallkod/ .. Hackers Steal Wealth of Data from Game Giant EA (10 Jun) https://www.vice.com/en/article/wx5xpx/hackers-steal-data-electronic-arts-ea-fifa-source-code
Fastly
Summary of June 8 outage (8 Jun) https://www.fastly.com/blog/summary-of-june-8-outage
A massive outage just took large sections of the internet offline (8 Jun) https://www.zdnet.com/article/a-massive-outage-just-took-large-sections-of-the-internet-offline/
Expert: Such a large outage is frightening (8 Jun) https://www.gp.se/nyheter/v%C3%A4rlden/expert-skr%C3%A4mmande-med-s%C3%A5-stort-avbrott-1.48999065
Fastly’s global outage: Here’s what went wrong (9 Jun) https://www.zdnet.com/article/fastlys-global-outage-heres-what-went-wrong/
The cause of yesterday's internet chaos: a Fastly customer changed a setting (9 Jun) https://computersweden.idg.se/2.2683/1.752164/fastly-bugg-bakom-tisdagens-internetkaos
Information security and miscellaneous
Detailed incident report: Incorrect Cache Configuration leading to Klarna App Exposing Personal Information (27 May) https://www.klarna.com/se/blogg/detailed-incident-report-incorrect-cache-configuration-leading-to-klarna-app-exposing-personal-information/
Misdirected police email led to conviction for unauthorized computer access (4 Jun) https://www.nyteknik.se/sakerhet/polismejl-som-kom-fel-ledde-till-dom-for-dataintrang-7016134
Attacks on Healthcare Industry Continue to Thrive, Despite Increased Security Measures (4 Jun) https://www.globalsecuritymag.com/Attacks-on-Healthcare-Industry,20210604,112437.html
New EU copyright rules that will benefit creators, businesses and consumers start to apply (4 Jun) https://digital-strategy.ec.europa.eu/en/news/new-eu-copyright-rules-will-benefit-creators-businesses-and-consumers-start-apply
Hacker lexicon: What is a supply chain attack? (6 Jun) https://arstechnica.com/information-technology/2021/06/hacker-lexicon-what-is-a-supply-chain-attack/
Review of the 1177 incident complete (8 Jun) https://www.imy.se/nyheter/granskning-klar-av-1177-incident/ .. They get the blame for the 1177 leak and are ordered to pay millions (8 Jun) https://computersweden.idg.se/2.2683/1.752106/1177-lackan-fardiggranskad–medhelp-ska-bota-12-miljoner
Hackers can mess with HTTPS connections by sending data to your email server (9 Jun) https://arstechnica.com/gadgets/2021/06/hackers-can-mess-with-https-connections-by-sending-data-to-your-email-server/
Länsförsäkringar tracked web visits without consent (11 Jun) https://sverigesradio.se/artikel/lansforsakringar-sparade-webb-besok-utan-godkannande
CERT-SE this week
Critical vulnerabilities in SAP products