Som du ser är vår webbplats inte anpassad för äldre webbläsare. Vi rekommenderar att du uppgraderar till en nyare webbläsare.
!!

Vi söker en systemadministratör inom Linux-klientinfrastruktur och it-säkerhet till CERT-SE, en central roll i arbetet med att utveckla Sveriges förmåga att förebygga och hantera it-incidenter. Sista ansökningsdag är den 15 augusti.

Publicerad - Veckobrev

CERT-SE:s veckobrev v.20

I samband med statsbesöket tidigare i veckan besökte det svenska kungaparet och en delegation från Finland bestående av ministrar och presidentens fru MSB för att få en bättre bild av hur det svensk-finska samarbetet inom krisberedskap ser ut. Bland annat fick representanter från CERT-SE möjlighet att ge en inblick i hur den operativa hanteringen av it-incidenter går till. Om detta och mycket annat kan ni läsa i veckobrevet nedan. Trevlig helg önskar CERT-SE!

Nyheter i veckan

Putting staff welfare at the heart of incident response (10 maj)
https://www.ncsc.gov.uk/guidance/putting-staff-welfare-at-the-heart-of-incident-response

Ransomware group strikes second U.S. health care system in the last two months (13 maj)
https://www.cyberscoop.com/ransomware-us-hospital-system-healthcare/

Cyber experts join campaign to keep women safe from abusers (15 maj)
https://www.irishexaminer.com/news/arid-40872620.html

Italy prevents pro-Russian hacker attacks during Eurovision contest (15 maj)
https://www.reuters.com/world/europe/italian-police-prevents-pro-russian-hacker-attacks-during-eurovision-contest-2022-05-15/

CISA warns not to install May Windows updates on domain controllers (16 maj)
https://www.bleepingcomputer.com/news/security/cisa-warns-not-to-install-may-windows-updates-on-domain-controllers/

Researchers warn of APTs, data leaks as serious threats against UK financial sector (16 maj)
https://www.zdnet.com/article/researchers-warn-of-apts-data-leaks-as-serious-threats-against-uk-financial-sector/

Polisens larm: Bedragare slår till med falsk swish-app (17 maj)
https://sverigesradio.se/artikel/polisen-varnar-for-bedragerier-med-falsk-swish-app

Emotet is the most common malware (17 maj)
https://www.helpnetsecurity.com/2022/05/17/emotet-detections-q1-2022/

Sysrv-K Botnet Targets Windows, Linux (17 maj)
https://threatpost.com/sysrv-k-botnet-targets-windows-linux/179646/

How Mobile Networks Have Become a Front in the Battle for Ukraine (17 maj)
https://www.darkreading.com/attacks-breaches/how-mobile-networks-have-become-a-front-in-the-battle-for-ukraine

When Your Smart ID Card Reader Comes With Malware (17 maj)
https://krebsonsecurity.com/2022/05/when-your-smart-id-card-reader-comes-with-malware/

Long lost @ symbol gets new life obscuring malicious URLs (17 maj)
https://blog.malwarebytes.com/social-engineering/2022/05/long-lost-symbol-gets-new-life-obscuring-malicious-urls/

Kungaparet och finsk delegation besökte MSB (18 maj)
https://www.msb.se/sv/aktuellt/nyheter/2022/maj/kungaparet-och-finsk-delegation-besokte-msb/

”Digital insatsstyrka” ska skydda Estland från cyberattacker (18 maj)
https://www.svt.se/nyheter/utrikes/sa-rustar-estland-mot-cyberattacker

NCSC advisory highlights poor security configurations (18 maj)
https://channellife.co.nz/story/ncsc-advisory-highlights-poor-security-configurations

Wizard Spider hackers hire cold callers to scare ransomware victims into paying up (18 maj)
https://www.zdnet.com/article/wizard-spider-hacking-group-hires-cold-callers-to-scare-ransomware-victims-into-paying-up/

The Vulnerable Maritime Supply Chain - a Threat to the Global Economy (18 maj)
https://www.securityweek.com/vulnerable-maritime-supply-chain-threat-global-economy

MITRE Creates Framework for Supply Chain Security (18 maj)
https://www.darkreading.com/application-security/mitre-creates-framework-for-supply-chain-security

Water companies are increasingly uninsurable due to ransomware, industry execs say (18 maj)
https://www.cyberscoop.com/water-industry-ransomware-insurance/

Conti ransomware shuts down operation, rebrands into smaller units (19 maj)
https://www.bleepingcomputer.com/news/security/conti-ransomware-shuts-down-operation-rebrands-into-smaller-units/

Bumblebee Malware from TransferXL URLs (19 maj)
https://isc.sans.edu/diary/rss/28664

Media giant Nikkei’s Asian unit hit by ransomware attack (19 maj)
https://www.bleepingcomputer.com/news/security/media-giant-nikkei-s-asian-unit-hit-by-ransomware-attack/

Informationssäkerhet och blandat

Your social media account hasn’t been hacked, it’s been cloned! (17 maj)
https://www.tripwire.com/state-of-security/security-data-protection/social-media-account-hasnt-been-hacked-its-been-cloned/

Europe moves closer to stricter cybersecurity standards, reporting regs (17 maj)
https://www.theregister.com/2022/05/17/europe_nis2_cybersecurity_regulations/

CERT-SE i veckan

Kritiska sårbarheter i VMware-produkter