CERT-SE:s veckobrev v.8

Mycket fokus på Ukraina den här veckan av förklarliga skäl. Vi påminner om vikten av att uppdatera sårbara system och se över cyberhygienen.

Trevlig helg önskar CERT-SE!

Nyheter i veckan

Searching for Suzy Thunder (26 jan)
https://www.theverge.com/c/22889425/susy-thunder-headley-hackers-phone-phreakers-claire-evans

The TrickBot Saga’s Finale Has Aired: Spinoff is Already in the Works (16 feb)
https://www.advintel.io/post/the-trickbot-saga-s-finale-has-aired-but-a-spinoff-is-already-in-the-works

DOJ beefs up efforts to combat criminal use of cryptocurrencies (17 feb)
https://www.cyberscoop.com/doj-combat-criminal-cryptocurrency-ransomware/

Free Cybersecurity Services and Tools (18 feb)
https://www.cisa.gov/free-cybersecurity-services-and-tools

Why You Need An Adversary-First Approach to Threats in the Cloud (18 feb)
https://www.darkreading.com/crowdstrike/why-you-need-an-adversary-first-approach-to-threats-in-the-cloud

Microsoft aims to improve anti-phishing MFA for White House ‘zero trust’ push (18 feb)
https://www.zdnet.com/article/microsoft-aims-to-improve-anti-phishing-multi-factor-authentication-for-white-house-zero-trust-push/

IT-strul slog ut kortbetalning på bensinstationer i hela landet (18 feb)
https://sverigesradio.se/artikel/it-strul-hos-flera-bensinstationer-gar-inte-att-tanka-med-kort

New Android Banking Trojan Spreading via Google Play Store Targets Europeans (21 feb)
https://thehackernews.com/2022/02/xenomorph-android-banking.html

Expeditors shuts down global operations after likely ransomware attack (21 feb)
https://www.bleepingcomputer.com/news/security/expeditors-shuts-down-global-operations-after-likely-ransomware-attack/

”Vilka kompetenser och färdigheter söker Sveriges säkerhets- och försvarsföretag?” (22 feb)
https://soff.se/vara-fragor/cyberforsvar/cyberkompetens/

A New Cybersecurity “Social Contract” (22 feb)
https://www.schneier.com/blog/archives/2022/02/a-new-cybersecurity-social-contract.html

Asustor network storage devices are being hit by a nasty ransomware attack (22 feb)
https://www.theverge.com/2022/2/22/22945962/asustor-nas-deadbolt-ransomware-attack

A security technique to fool would-be cyber attackers (23 feb)
https://news.mit.edu/2022/cyber-security-attackers-0223

Många ransomware-offer betalar – men då vill utpressarna ha mer (23 feb)
https://computersweden.idg.se/2.2683/1.763016/manga-ransomware-offer-betalar–da-vill-utpressarna-ha-mer

Nästan 100 000 nya varianter av banktrojaner upptäcktes under 2021 (23 feb)
https://computersweden.idg.se/2.2683/1.763006/nastan-100-000-nya-varianter-av-banktrojaner-upptacktes-under-2021

Axis utsatta för cyberattack – ”svårt att säga när allt fungerar som vanligt” (23 feb)
https://computersweden.idg.se/2.2683/1.763033/axis-utsatta-for-cyberattack–storningar-i-flera-system

New Sandworm malware Cyclops Blink replaces VPNFilter (23 feb)
https://www.ncsc.gov.uk/news/joint-advisory-shows-new-sandworm-malware-cyclops-blink-replaces-vpnfilter

Dridex bots deliver Entropy ransomware in recent attacks (23 feb)
https://news.sophos.com/en-us/2022/02/23/dridex-bots-deliver-entropy-ransomware-in-recent-attacks/

Nasty new malware will seize control of your social media accounts (24 feb)
https://www.techradar.com/news/nasty-new-malware-will-seize-control-of-your-social-media-accounts

Ukraina

Preparing for and Mitigating Foreign Influence Operations Targeting Critical Infrastructure (20 feb)
https://www.cisa.gov/sites/default/files/publications/cisa_insight_mitigating_foreign_influence_508.pdf

Technical Analysis of the DDoS Attacks against Ukrainian Websites (20 feb)
https://www.cadosecurity.com/technical-analysis-of-the-ddos-attacks-against-ukrainian-websites/

Ukraine: EU deploys cyber rapid-response team (23 feb)
https://www.bbc.com/news/technology-60484979

FBI varnar för nya cyberattacker från Ryssland (23 feb)
https://www.nyteknik.se/sakerhet/fbi-varnar-for-nya-cyberattacker-fran-ryssland-7029170

Falska påståenden som hittills spridits under Ukrainakriget (24 feb)
https://www.dn.se/varlden/falska-pastaenden-som-hittills-spridits-under-ukrainakriget/

It-analytikern efter invasionen av Ukraina: ”Det kommer få gigantiska konsekvenser” (24 feb)
https://computersweden.idg.se/2.2683/1.763089/it-analytikern-chocksanker-prognosen-det-kommer-fa-gigantiska-konsekvenser

Ransomware used as decoy in data-wiping attacks on Ukraine (24 feb)
https://www.bleepingcomputer.com/news/security/ransomware-used-as-decoy-in-data-wiping-attacks-on-ukraine/

EU cyber-response team deployed (25 feb)
https://www.itsecurityguru.org/2022/02/23/eu-cyber-response-team-deployed/

Ukraine calls on hacker underground to defend against Russia (25 feb)
https://www.reuters.com/world/exclusive-ukraine-calls-hacker-underground-defend-against-russia-2022-02-24/

Putin Warns Russian Critical Infrastructure to Brace for Potential Cyber Attacks (25 feb)
https://thehackernews.com/2022/02/putin-warns-russian-critical.html

FAQ on cyber attacks related to invasion of Ukraine (25 feb)
https://blog.f-secure.com/faq-on-cyber-attacks-related-to-invasion-of-ukraine/

Informationssäkerhet och blandat

När ska vi börja ta it-säkerhet på allvar? (21 feb)
https://www.dn.se/ledare/isobel-hadley-kamptz-nar-ska-vi-borja-ta-it-sakerhet-pa-allvar/

Inte bara mejl – nu använder nätbedragare videomöten också (22 feb)
https://computersweden.idg.se/2.2683/1.762969/inte-bara-mejl–nu-anvander-natbedragare-videomoten-ocksa

DNA data of sexual assault victims exposed in breach at US laboratory (25 feb)
https://portswigger.net/daily-swig/dna-data-of-sexual-assault-victims-exposed-in-breach-at-us-laboratory

CERT-SE i veckan

De mest kritiska sårbarheterna under 2021 är fortsatt aktuella - se till att uppdatera nu