Som du ser är vår webbplats inte anpassad för äldre webbläsare. Vi rekommenderar att du uppgraderar till en nyare webbläsare.
!!

Vi söker chef till Enheten för operativ cybersäkerhetsförmåga, en viktig roll i arbetet med att utveckla Sveriges förmåga att förebygga och hantera it-incidenter. Sista ansökningsdag är den 19 oktober.

Publicerad - Veckobrev

CERT-SE:s veckobrev v.24

Ransomware är det största cyberhotet just nu, enligt chefen för brittiska National Cyber Security Centre. Om detta, och mycket annat nytt på ransomwarefronten, kan du läsa i följande veckobrev. Trevlig läsning och en solig helg önskar CERT-SE!

Nyheter i veckan

Från fritt internet till allt hårdare övervakning (8 jun)
https://www.foi.se/nyheter-och-press/nyheter/2021-06-08-fran-fritt-internet-till-allt-hardare-overvakning.html

Serious cyberattacks in Europe doubled in the past year, new figures reveal, as criminals exploited the pandemic (10 jun)
https://amp.cnn.com/cnn/2021/06/10/tech/europe-cyberattacks-ransomware-cmd-intl/index.html

Ransom DDoS Extortion Actor “Fancy Lazarus” Returns (10 jun)
https://www.proofpoint.com/us/blog/threat-insight/ransom-ddos-extortion-actor-fancy-lazarus-returns

Al Jazeera says it blocked cyberattack looking to disrupt & control its platform (10 jun)
https://therecord.media/al-jazeera-says-it-blocked-cyberattack-looking-to-disrupt-control-its-platform/

Avaddon ransomware shuts down and releases decryption keys (11 jun)
https://www.bleepingcomputer.com/news/security/avaddon-ransomware-shuts-down-and-releases-decryption-keys/

FBI/AFP-Run Encrypted Phone (11 jun)
https://www.schneier.com/blog/archives/2021/06/fbi-afp-run-encrypted-phone.html

3.2 Million PCs Compromised in a Malware Campaign (12 jun)
https://www.ehackingnews.com/2021/06/32-million-pcs-compromised-in-malware.html

Meat supplier JBS probed after paying $11 million ransom to attackers (14 jun)
https://grahamcluley.com/meat-supplier-jbs-probed-after-paying-11-million-ransom-to-attackers/

Ransomware is the top cybersecurity threat we face, warns cyber chief (14 jun)
https://www.zdnet.com/article/ransomware-is-the-key-online-cybersecurity-threat-to-people-and-businesses-warns-cyber-chief/
--
NCSC CEO warns that ransomware is key cyber threat (14 jun)
https://www.ncsc.gov.uk/news/rusi-lecture

Ransomware: Russia told to tackle cyber criminals operating from within its borders (14 jun)
https://www.zdnet.com/article/ransomware-russia-told-to-tackle-cyber-criminals-operating-from-within-its-borders/

Microsoft Disrupts Large-Scale BEC Campaign (14 jun)
https://www.securityweek.com/microsoft-disrupts-large-scale-bec-campaign

Microsoft Teams security flaw left users defenseless against serious cyberattacks (15 jun)
https://www.techradar.com/news/microsoft-teams-security-flaw-left-users-defenseless-against-serious-cyberattacks

How Does One Get Hired by a Top Cybercrime Gang? (15 jun)
https://krebsonsecurity.com/2021/06/how-does-one-get-hired-by-a-top-cybercrime-gang/

The latest REvil ransomware victim? Sol Oriens. Oh, a US nuclear weapons contractor (15 jun)
https://www.theregister.com/2021/06/15/us_nuclear_weapons_contractor_sol_oriens/

Most firms face second ransomware attack after paying off first (16 jun)
https://www.zdnet.com/article/most-firms-face-second-ransomware-attack-after-paying-off-first/
--
New Cybereason Ransomware Study Reveals True Cost to Business (16 jun)
https://www.cybereason.com/press/new-cybereason-ransomware-study-reveals-true-cost-to-business

Police Bust Major Ransomware Gang Cl0p (16 jun)
https://www.vice.com/en/article/bvz7x3/police-bust-major-ransomware-gang-cl0p
--
Ukraine Police Seize Cash in Raids on Major Ransomware Gang (16 jun)
https://www.securityweek.com/ukraine-police-seize-cash-raids-major-ransomware-gang

Antalet ddos-attacker har fördubblats – och de blir allt kraftfullare (16 jun)
https://computersweden.idg.se/2.2683/1.752542/antalet-ddos-attacker-har-fordubblats-under-det-senaste-aret
--
Nokia Deepfield global analysis shows most DDoS attacks originate from fewer than 50 hosting companies (14 jun)
https://www.nokia.com/about-us/news/releases/2021/06/14/nokia-deepfield-global-analysis-shows-most-ddos-attacks-originate-from-fewer-than-50-hosting-companies/

Ryuk ransomware recovery cost us $8.1m and counting, says Baltimore school authority (16 jun)
https://www.theregister.com/2021/06/16/baltimore_ryuk_ransomware_dollars_8_1m_recovery_cost/

Unlocking the potential of blockchain technology (16 jun)
https://news.mit.edu/2021/unlocking-potential-blockchain-0616

A new HTTP spec proposes elimination of obnoxious “cookie banners” (17 jun)
https://arstechnica.com/gadgets/2021/06/tired-of-accepting-rejecting-cookies-adpc-wants-to-automate-the-process/

Akamai apologises after outage left Australia's major banks and airline systems offline (17 jun)
https://www.zdnet.com/article/akamai-apologises-after-outage-left-australias-major-banks-and-airline-systems-offline/

For første gang sier PST at Kina står bak et dataangrep (18 jun)
https://www.nrk.no/norge/pst_-har-etterretning-om-at-kinesisk-gruppe-stod-bak-dataangrep-mot-statsforvaltere-1.15540601

Informationssäkerhet och blandat

McDonald's hit by data breach in Taiwan and South Korea (12 jun)
https://www.bbc.com/news/business-57447404

Volkswagen discloses data breach, 3.3 million customers impacted (12 jun)
https://securityaffairs.co/wordpress/118887/data-breach/volkswagen-data-breach.html

Bank of America spends over $1 billion per year on cybersecurity, CEO Brian Moynihan says (14 jun)
https://www.cnbc.com/2021/06/14/bank-of-america-spends-over-1-billion-per-year-on-cybersecurity.html

FHM stänger smittdatabas igen – misstänkt säkerhetsbrist (14 jun)
https://www.dn.se/sverige/fmh-stanger-smittdatabas-igen-sakerhetsskal/
--
Sweden’s Covid Database Informing Strategy Forced to Shut Again (14 jun)
https://www.bloomberg.com/news/articles/2021-06-14/sweden-s-covid-database-informing-strategy-forced-to-shut-again
--
FHM fick information om säkerhetshot mot känslig databas – väntade ändå med att stänga (18 jun)
https://www.dn.se/sverige/fhm-fick-information-om-sakerhetshot-mot-kanslig-databas-vantade-anda-med-att-stanga/

Sjuksköterska lånade ut inlogg – lät kollega titta i patientjournal (15 jun)
https://sverigesradio.se/artikel/sjukskoterska-lanade-ut-inlogg-lat-kollega-titta-i-patientjournal

Alibaba suffers billion-item data leak of usernames and mobile numbers (16 jun)
https://www.theregister.com/2021/06/16/alibaba_tabao_scraped_data_leak/

Researcher: 1 Billion CVS Health Website Records Exposed (16 jun)
https://www.govinfosecurity.com/researcher-1-billion-cvs-health-website-records-exposed-a-16890

Amazon Web Services Misconfiguration Exposes Half a Million Cosmetics Customers (17 jun)
https://www.infosecurity-magazine.com/news/aws-misconfiguration-exposes/