CERT-SE:s veckobrev v.24

Veckobrev

Ransomware är det största cyberhotet just nu, enligt chefen för brittiska National Cyber Security Centre. Om detta, och mycket annat nytt på ransomwarefronten, kan du läsa i följande veckobrev. Trevlig läsning och en solig helg önskar CERT-SE!

Nyheter i veckan

Från fritt internet till allt hårdare övervakning (8 jun) https://www.foi.se/nyheter-och-press/nyheter/2021-06-08-fran-fritt-internet-till-allt-hardare-overvakning.html

Serious cyberattacks in Europe doubled in the past year, new figures reveal, as criminals exploited the pandemic (10 jun) https://amp.cnn.com/cnn/2021/06/10/tech/europe-cyberattacks-ransomware-cmd-intl/index.html

Ransom DDoS Extortion Actor “Fancy Lazarus” Returns (10 jun) https://www.proofpoint.com/us/blog/threat-insight/ransom-ddos-extortion-actor-fancy-lazarus-returns

Al Jazeera says it blocked cyberattack looking to disrupt & control its platform (10 jun) https://therecord.media/al-jazeera-says-it-blocked-cyberattack-looking-to-disrupt-control-its-platform/

Avaddon ransomware shuts down and releases decryption keys (11 jun) https://www.bleepingcomputer.com/news/security/avaddon-ransomware-shuts-down-and-releases-decryption-keys/

FBI/AFP-Run Encrypted Phone (11 jun) https://www.schneier.com/blog/archives/2021/06/fbi-afp-run-encrypted-phone.html

3.2 Million PCs Compromised in a Malware Campaign (12 jun) https://www.ehackingnews.com/2021/06/32-million-pcs-compromised-in-malware.html

Meat supplier JBS probed after paying $11 million ransom to attackers (14 jun) https://grahamcluley.com/meat-supplier-jbs-probed-after-paying-11-million-ransom-to-attackers/

Ransomware is the top cybersecurity threat we face, warns cyber chief (14 jun) https://www.zdnet.com/article/ransomware-is-the-key-online-cybersecurity-threat-to-people-and-businesses-warns-cyber-chief/ .. NCSC CEO warns that ransomware is key cyber threat (14 jun) https://www.ncsc.gov.uk/news/rusi-lecture

Ransomware: Russia told to tackle cyber criminals operating from within its borders (14 jun) https://www.zdnet.com/article/ransomware-russia-told-to-tackle-cyber-criminals-operating-from-within-its-borders/

Microsoft Disrupts Large-Scale BEC Campaign (14 jun) https://www.securityweek.com/microsoft-disrupts-large-scale-bec-campaign

Microsoft Teams security flaw left users defenseless against serious cyberattacks (15 jun) https://www.techradar.com/news/microsoft-teams-security-flaw-left-users-defenseless-against-serious-cyberattacks

How Does One Get Hired by a Top Cybercrime Gang? (15 jun) https://krebsonsecurity.com/2021/06/how-does-one-get-hired-by-a-top-cybercrime-gang/

The latest REvil ransomware victim? Sol Oriens. Oh, a US nuclear weapons contractor (15 jun) https://www.theregister.com/2021/06/15/us_nuclear_weapons_contractor_sol_oriens/

Most firms face second ransomware attack after paying off first (16 jun) https://www.zdnet.com/article/most-firms-face-second-ransomware-attack-after-paying-off-first/ .. New Cybereason Ransomware Study Reveals True Cost to Business (16 jun) https://www.cybereason.com/press/new-cybereason-ransomware-study-reveals-true-cost-to-business

Police Bust Major Ransomware Gang Cl0p (16 jun) https://www.vice.com/en/article/bvz7x3/police-bust-major-ransomware-gang-cl0p .. Ukraine Police Seize Cash in Raids on Major Ransomware Gang (16 jun) https://www.securityweek.com/ukraine-police-seize-cash-raids-major-ransomware-gang

Antalet ddos-attacker har fördubblats – och de blir allt kraftfullare (16 jun) https://computersweden.idg.se/2.2683/1.752542/antalet-ddos-attacker-har-fordubblats-under-det-senaste-aret .. Nokia Deepfield global analysis shows most DDoS attacks originate from fewer than 50 hosting companies (14 jun) https://www.nokia.com/about-us/news/releases/2021/06/14/nokia-deepfield-global-analysis-shows-most-ddos-attacks-originate-from-fewer-than-50-hosting-companies/

Ryuk ransomware recovery cost us $8.1m and counting, says Baltimore school authority (16 jun) https://www.theregister.com/2021/06/16/baltimore_ryuk_ransomware_dollars_8_1m_recovery_cost/

Unlocking the potential of blockchain technology (16 jun) https://news.mit.edu/2021/unlocking-potential-blockchain-0616

A new HTTP spec proposes elimination of obnoxious “cookie banners” (17 jun) https://arstechnica.com/gadgets/2021/06/tired-of-accepting-rejecting-cookies-adpc-wants-to-automate-the-process/

Akamai apologises after outage left Australia’s major banks and airline systems offline (17 jun) https://www.zdnet.com/article/akamai-apologises-after-outage-left-australias-major-banks-and-airline-systems-offline/

For første gang sier PST at Kina står bak et dataangrep (18 jun) https://www.nrk.no/norge/pst_-har-etterretning-om-at-kinesisk-gruppe-stod-bak-dataangrep-mot-statsforvaltere-1.15540601

Informationssäkerhet och blandat

McDonald’s hit by data breach in Taiwan and South Korea (12 jun) https://www.bbc.com/news/business-57447404

Volkswagen discloses data breach, 3.3 million customers impacted (12 jun) https://securityaffairs.co/wordpress/118887/data-breach/volkswagen-data-breach.html

Bank of America spends over $1 billion per year on cybersecurity, CEO Brian Moynihan says (14 jun) https://www.cnbc.com/2021/06/14/bank-of-america-spends-over-1-billion-per-year-on-cybersecurity.html

FHM stänger smittdatabas igen – misstänkt säkerhetsbrist (14 jun) https://www.dn.se/sverige/fmh-stanger-smittdatabas-igen-sakerhetsskal/ .. Sweden’s Covid Database Informing Strategy Forced to Shut Again (14 jun) https://www.bloomberg.com/news/articles/2021-06-14/sweden-s-covid-database-informing-strategy-forced-to-shut-again .. FHM fick information om säkerhetshot mot känslig databas – väntade ändå med att stänga (18 jun) https://www.dn.se/sverige/fhm-fick-information-om-sakerhetshot-mot-kanslig-databas-vantade-anda-med-att-stanga/

Sjuksköterska lånade ut inlogg – lät kollega titta i patientjournal (15 jun) https://sverigesradio.se/artikel/sjukskoterska-lanade-ut-inlogg-lat-kollega-titta-i-patientjournal

Alibaba suffers billion-item data leak of usernames and mobile numbers (16 jun) https://www.theregister.com/2021/06/16/alibaba_tabao_scraped_data_leak/

Researcher: 1 Billion CVS Health Website Records Exposed (16 jun) https://www.govinfosecurity.com/researcher-1-billion-cvs-health-website-records-exposed-a-16890

Amazon Web Services Misconfiguration Exposes Half a Million Cosmetics Customers (17 jun) https://www.infosecurity-magazine.com/news/aws-misconfiguration-exposes/