Published - Weekly newsletter

CERT-SE's weekly newsletter, week 25

Over the past week we have seen a number of serious data breaches, DDoS attacks and ransomware attacks against various sectors and industries in Sweden and around the world. The EU is planning a joint cyber unit to work on large-scale cyberattacks. And here at home, Sweden's first cyber soldiers have completed their service after 11 months of training. CERT-SE wishes you pleasant reading and a happy Midsummer!

News this week

Ryuk ransomware recovery cost us $8.1m and counting, says Baltimore school authority (16 jun)
https://www.theregister.com/2021/06/16/baltimore_ryuk_ransomware_dollars_8_1m_recovery_cost/

Bombshell Report Finds Phone Network Encryption Was Deliberately Weakened (17 jun)
https://www.vice.com/en/article/4avnan/bombshell-report-finds-phone-network-encryption-was-deliberately-weakened

Hit by a Ransomware Attack? Your Payment May be Deductible (19 jun)
https://www.securityweek.com/hit-ransomware-attack-your-payment-may-be-deductible

The Polish Prime Minister asked the Sejm to hold a closed meeting on cyber attacks (19 jun)
https://www.ehackingnews.com/2021/06/the-polish-prime-minister-asked-sejm-to.html

Fake DarkSide Ransomware Gang Targets Energy, Food Sectors (20 jun)
https://www.bankinfosecurity.com/fake-darkside-ransomware-gang-targets-energy-food-sectors-a-16911

Most organizations would pay in the event of a ransomware attack (21 jun)
https://www.helpnetsecurity.com/2021/06/21/pay-ransomware-attack/

Georgia fertility clinic discloses breach of patient SSNs and medical info after ransomware attack (21 jun)
https://www.zdnet.com/article/georgia-fertility-clinic-discloses-breach-of-patient-ssns-and-medical-info-after-ransomware-attack/

Passengers received text messages from "Putin" – Länstrafiken i Norrbotten shuts down service (21 jun)
https://www.svt.se/nyheter/lokalt/norrbotten/resenarer-fick-sms-av-putin-nu-stanger-lanstrafiken-i-norrbotten-tjansten

South Korea’s nuclear research agency breached by North Korea-affiliated cyberattackers, says malware analyst group (21 jun)
https://www.theregister.com/2021/06/21/south_koreas_nuclear_think_tank/

50% of misconfigured containers hit by botnets in under an hour (21 jun)
https://www.scmagazine.com/data-leakage-prevention-dlp/50-of-misconfigured-containers-hit-by-botnets-in-under-an-hour/
--
Aqua Security’s Cloud Native Threat Report Reveals Sophisticated New Attacks in the Wild on Container Supply Chains and Infrastructure (21 jun)
https://www.aquasec.com/news/2021-cloud-native-threat-report-reveals-new-threats/

Best practices for IT teams to prevent ransomware attacks (22 jun)
https://www.helpnetsecurity.com/2021/06/22/best-practices-prevent-ransomware-attacks/

ADATA ransomware attack saw 700GB of data stolen (22 jun)
https://www.techradar.com/news/adata-ransomware-attack-saw-700gb-of-data-stolen

A milestone in the strengthening of cyber defence (22 jun)
https://www.forsvarsmakten.se/sv/aktuellt/2021/06/en-milstolpe-i-forstarkningen-av-cyberforsvaret/

City of Liege, Belgium hit by ransomware (22 jun)
https://therecord.media/city-of-liege-belgium-hit-by-ransomware/

A 'Digital Vaccine' for Battling Ransomware Epidemic (22 jun)
https://www.bankinfosecurity.com/interviews/digital-vaccine-for-battling-ransomware-epidemic-i-4919

Brave launches search engine that doesn’t track users and searches (22 jun)
https://therecord.media/brave-launches-search-engine-that-doesnt-track-users-and-searches/

How to be prepared for a ransomware attack: Check your data and backups (22 jun)
https://www.techrepublic.com/article/how-to-be-prepared-for-a-ransomware-attack-check-your-data-and-backups/

SEC still digging into SolarWinds fallout, nudges undeclared victims (22 jun)
https://www.theregister.com/2021/06/22/sec_continues_to_probe_solarwinds/

Ransomware Gang Cl0p Announces New Victim After Police Bust (22 jun)
https://www.vice.com/en/article/88n5j3/ransomware-gang-cl0p-announces-new-victim-after-police-bust

EU wants emergency team for 'nightmare' cyber-attacks (23 jun)
https://www.bbc.com/news/technology-57583158
--
EU Cybersecurity: Commission proposes a Joint Cyber Unit to step up response to large-scale security incidents (23 jun)
https://ec.europa.eu/commission/presscorner/detail/en/IP_21_3088

MITRE releases D3FEND, defensive measures complimentary to its ATT&CK framework (23 jun)
https://therecord.media/mitre-releases-d3fend-defensive-measures-complimentary-to-its-attck-framework/
--
NSA Funds Development, Release of D3FEND (22 jun)
https://www.nsa.gov/news-features/press-room/Article/2665993/nsa-funds-development-release-of-d3fend/

May 2021 witnessed over 223.7 million ransomware attacks (23 jun)
https://www.cybersecurity-insiders.com/may-2021-witnessed-over-223-7-million-ransomware-attacks/

Ransomware decreases as cybercriminals hit more lucrative targets (23 jun)
https://www.helpnetsecurity.com/2021/06/23/ransomware-decreases/

Tulsa ransomware hackers leak 18,000 files on dark web (23 jun)
https://www.itpro.co.uk/security/ransomware/359970/tulsa-ransomware-attackers-publish-18000-files-on-dark-web

70pc of devices back in use following HSE cyberattack (23 jun)
https://www.siliconrepublic.com/enterprise/hse-cyberattack-decryption

John McAfee: Anti-virus creator found dead in prison cell (23 jun)
https://www.bbc.com/news/world-europe-57589822

Microsoft warns: Now attackers are using a call centre to trick you into downloading ransomware (23 jun)
https://www.zdnet.com/article/microsoft-warns-now-attackers-are-using-a-call-centre-to-trick-you-into-downloading-ransomware/

ChaChi: a new GoLang Trojan used in attacks against US schools (23 jun)
https://www.zdnet.com/article/chachi-golang-a-new-go-trojan-focuses-on-attacking-us-schools/

Information security and miscellaneous

50,000 security disasters waiting to happen: The problem of America's water supplies (17 jun)
https://www.nbcnews.com/tech/security/hacker-tried-poison-calif-water-supply-was-easy-entering-password-rcna1206

Establishment of the National Cyber Security Centre is under way (17 jun)
https://www.sakerhetspolisen.se/ovrigt/pressrum/aktuellt/aktuellt/2021-06-17-inrattandet-av-nationellt-cybersakerhetscenter-pagar.html

Inglis confirmed as first national cyber director (18 jun)
https://www.scmagazine.com/home/security-news/government-and-defense/inglis-confirmed-as-first-national-cyber-director/

Sweden is now waking up to cybersecurity (19 jun)
https://www.dagensarena.se/opinion/nu-vaknar-sverige-om-cybersakerheten/

Threat actors using Google Docs exploit to spread phishing links (19 jun)
https://www.hackread.com/threat-actors-google-docs-exploit-phishing-links/

Build-up of the National Cyber Security Centre continues (20 jun)
https://www.securityuser.com/se/Nyheter/Samhalle/uppbyggnaden-av-nationellt-cybersakerhetscenter-fortsatter1

Cybersecurity firm exposes 5 billion data breach records (20 jun)
https://www.hackread.com/cybersecurity-firm-expose-data-breach-records/

The Future of Machine Learning and Cybersecurity (21 jun)
https://www.schneier.com/blog/archives/2021/06/the-future-of-machine-learning-and-cybersecurity.html

How Cyber Safe is Your Drinking Water Supply? (21 jun)
https://krebsonsecurity.com/2021/06/how-cyber-safe-is-your-drinking-water-supply/

Millions of medical images, patient data remain exposed via PACS flaws (21 jun)
https://www.scmagazine.com/featured/millions-of-medical-images-patient-data-remain-exposed-via-pacs-flaws/

Hacker attack on COVID portal (21 jun)
https://sverigesradio.se/artikel/hackerattack-mot-covidlabb
--
COVID tests paused after suspected data breach (21 jun)
https://www.dagensmedicin.se/vardens-styrning/patientsakerhet/covidtester-pausas-efter-misstankt-dataintrang/
--
Region Skåne hit by intrusion into self-testing database (22 jun)
https://www.svt.se/nyheter/lokalt/skane/region-skane-utsatta-for-intrang-i-databas-for-egenprovtagning
--
Important information regarding the intrusion into LabPortalen and eRemiss. (21 jun)
https://infosolutions.se/2021/06/21/viktig-information-gallande-personuppgiftsincident-i-samband-med-intrang-i-labportalen-och-eremiss/

Could better cyber hygiene have prevented the SolarWinds attack? (22 jun)
https://www.scmagazine.com/home/security-news/could-better-cyber-hygiene-have-prevented-the-solarwinds-attack/

Hotels back up after last week's hacker attack (22 jun)
https://sverigesradio.se/artikel/hotellen-tillbaka-pa-benen-efter-forra-veckans-hackerattack

Retail sector hit hard by hacker attacks (22 jun)
https://www.svd.se/detaljhandeln-hart-drabbad-av-hackerattacker
--
IT attack behind Bauhaus' closed online store – "anything but fun" (23 jun)
https://www.ehandel.se/it-attack-bakom-bauhaus-stangda-e-handel-allt-annat-an-kul

Libraries across the country hit by cyberattack (23 jun)
https://www.ba.no/bas-nyhetsstudio/s/5-8-1245854?p=lc-2498284-7073-bergensavisen

CERT-SE this week

Critical vulnerability in Palo Alto Cortex XSOAR