CERT-SE's weekly newsletter, week 47

Weekly newsletter

Christmas is approaching and many people are thinking about buying Christmas gifts. After Black Friday comes Cyber Monday, and this is something cybercriminals can exploit in e-commerce. Shop safely!

News this week

[Conti] Ransomware Group In-Depth Analysis (18 nov)
https://www.prodaft.com/resource/detail/conti-ransomware-group-depth-analysis/
The newer cybercrime triad: TrickBot-Emotet-Conti (20 nov)
https://securityaffairs.co/wordpress/124807/cyber-crime/trickbot-emotet-conti-triad.html
Conti ransomware gang suffers security breach (20 nov)
https://therecord.media/conti-ransomware-gang-suffers-security-breach/

Malware downloaded from PyPI 41,000 times was surprisingly stealthy (19 nov)
https://arstechnica.com/information-technology/2021/11/malware-downloaded-from-pypi-41000-times-was-surprisingly-stealthy/

Utah Medical Group Discloses Data Breach Affecting Over 580,000 Patients (22 nov)
https://www.securityweek.com/utah-medical-group-discloses-data-breach-affecting-over-580000-patients

Ecommerce platforms (cough, Magento) need patching before Black Friday, warns UK’s National Cyber Security Centre (22 nov)
https://www.theregister.com/2021/11/22/ncsc_magento_updates_black_friday_reminder/

GoDaddy hack causes data breach affecting 1.2 million customers (22 nov)
https://www.bleepingcomputer.com/news/security/godaddy-hack-causes-data-breach-affecting-12-million-customers/
GoDaddy Announces Security Incident Affecting Managed WordPress Service (22 nov)
https://www.sec.gov/Archives/edgar/data/1609711/000160971121000122/gddyblogpostnov222021.htm

US government issues Thanksgiving ransomware warning (22 nov)
https://edition.cnn.com/2021/11/22/politics/thanksgiving-ransomware-warning/index.html

Update on cyber security incident | Vestas impacted by cyber security incident (22 nov)
https://www.vestas.com/en/media/company-news/2021/update-on-cyber-security-incident-c3457795

New JavaScript malware works as a “RAT dispenser” (24 nov)
https://therecord.media/new-javascript-malware-works-as-a-rat-dispenser/

Ukraine arrests ‘Phoenix’ hackers behind Apple phishing attacks (24 nov)
https://www.bleepingcomputer.com/news/security/ukraine-arrests-phoenix-hackers-behind-apple-phishing-attacks/

Password usage analysis of brute force attacks on honeypot servers (24 nov)
https://blog.malwarebytes.com/reports/2021/11/password-usage-analysis-of-brute-force-attacks-on-honeypot-servers/

BIO-ISAC Releases Advisory to Biomanufacturers | Tardigrade: An APT attack on vaccine manufacturing infrastructure (22 nov)
https://www.isac.bio/post/tardigrade

Information security and miscellaneous

NCSC: COVID-19 vaccines were prime target for hackers in 2021 (17 nov)
https://www.itpro.co.uk/security/national-cyber-security-centre-ncsc/361570/ncsc-covid-19-vaccines-prime-target-hackers-2021

The Evolving Threat of Ransomware (21 nov)
https://www.tripwire.com/state-of-security/security-data-protection/the-evolving-threat-of-ransomware/
Report: https://cyber-edge.com/wp-content/uploads/2021/02/CyberEdge-2020-CDR-Report-v1.0.pdf

BSI | Fourth edition of the Franco-German Common Situational Picture Thematic focus: Ransomware (22 nov)
https://www.bsi.bund.de/SharedDocs/Downloads/EN/BSI/Publications/D-F_Reports/Common_Situational_Picture_2021.pdf

To pay damages in the millions after intrusion into esports platform (22 nov)
https://sverigesradio.se/artikel/man-ska-betala-miljonskadestand-efter-dataintrang-mot-e-sportplattform

Graphical Lures In The Age of Cybercrime (23 nov)
https://inquest.net/blog/2021/11/23/graphical-lures-age-cybercrime

Apple sues ‘amoral 21st century mercenaries’ NSO for infecting iPhones with Pegasus spyware (23 nov)
https://www.theregister.com/2021/11/23/apple_nso_group

Swedes careless with passwords at work – “stand out” (23 nov)
https://computersweden.idg.se/2.2683/1.759000/svenskar-slarviga-med-losenord-pa-jobbet–sticker-ut

Örebro University's Twitter account hijacked – only posts about cryptocurrency (24 nov)
https://www.svt.se/nyheter/lokalt/orebro/orebro-universitets-twitterkonto-kapat

UK Introduces New Cybersecurity Legislation for IoT Devices (24 nov)
https://www.infosecurity-magazine.com/news/uk-cybersecurity-legislation-iot/

Svenska Kraftnät | Open antagonistic threat picture for the electricity supply
https://www.svk.se/siteassets/3.sakerhet-och-hallbarhet/sakerhetsskydd/dokument/oppen-antagonistisk-hotbild-for-elforsorjningen-2021.pdf

Commentary | Jonas Fröberg: How easily can your car be hacked? (24 nov)
https://www.dn.se/motor/jonas-froberg-hur-enkelt-kan-din-bil-hackas/

How Apple will warn users who have been hacked with Pegasus (25 nov)
https://macworld.idg.se/2.1038/1.759368/sa-kommer-apple-varna-anvandare-som-har-har-hackats-med-pegasus