Published - Weekly newsletter

CERT-SE's weekly newsletter, week 29

We round off a hot week with piping-hot news.
Have a nice weekend, and good luck tonight to all 🇸🇪football heroes🇸🇪, from CERT-SE!

News this week

PSA: Sudden Increase In Attacks On Modern WPBakery Page Builder Addons Vulnerability (13 Jul)
https://www.wordfence.com/blog/2022/07/attacks-on-modern-wpbakery-page-builder-addons-vulnerability/

Healthcare Provider Exposed Transplant Donor and Recipient Data (14 Jul)
https://www.infosecurity-magazine.com/news/healthcare-provider-transplant-data/

New variant of Android SpyJoker malware removed from Play Store after 3 million+ installs (14 Jul)
https://blog.malwarebytes.com/android/2022/07/new-variant-of-android-spyjoker-malware-removed-from-play-store-after-3-million-installs/

Tenet Health sued after affiliate hack, health data theft impacting 1.2M (14 Jul)
https://www.scmagazine.com/editorial/analysis/breach/tenet-health-sued-after-affiliate-hack-health-data-theft-impacting-1-2m

The Trojan Horse Malware & Password “Cracking” Ecosystem Targeting Industrial Operators (14 Jul)
https://www.dragos.com/blog/the-trojan-horse-malware-password-cracking-ecosystem-targeting-industrial-operators/

Above the Fold and in Your Inbox: Tracing State-Aligned Activity Targeting Journalists, Media (14 Jul)
https://www.proofpoint.com/us/blog/threat-insight/above-fold-and-your-inbox-tracing-state-aligned-activity-targeting-journalists

Tor Browser now bypasses internet censorship automatically (15 Jul)
https://www.bleepingcomputer.com/news/security/tor-browser-now-bypasses-internet-censorship-automatically/

Unverified Commits: Are You Unknowingly Trusting Attackers’ Code? (15 Jul)
https://checkmarx.com/blog/unverified-commits-are-you-unknowingly-trusting-attackers-code/

Microsoft investigates July updates breaking Access applications (15 Jul)
https://www.bleepingcomputer.com/news/microsoft/microsoft-investigates-july-updates-breaking-access-applications/

Google computers halted in Danish schools (16 Jul)
https://tt.omni.se/google-datorer-stoppas-i-danska-skolor/a/bGEE9e

Taiwan government faces surge of Emotet malware attacks (16 Jul)
https://www.taiwannews.com.tw/en/news/4598445

Zero-day attacks climb as hackers get more sophisticated (18 Jul)
https://securitybrief.co.nz/story/zero-day-attacks-climb-as-hackers-get-more-sophisticated

Amid Rising Magecart Attacks on Online Ordering Platforms, Recent Campaigns Infect 311 Restaurants (18 Jul)
https://www.recordedfuture.com/amid-rising-magecart-attacks-online-ordering-platforms

Albanian government websites go dark after cyberattack (18 Jul)
https://www.theregister.com/2022/07/18/albania_down/

Building materials giant Knauf hit by Black Basta ransomware gang (19 Jul)
https://www.bleepingcomputer.com/news/security/building-materials-giant-knauf-hit-by-black-basta-ransomware-gang/

CISA Set to Open London Office (19 Jul)
https://www.infosecurity-magazine.com/news/cisa-set-to-open-london-office/

IMY opens whistleblower function – safe to report carelessness with data protection (19 Jul)
https://computersweden.idg.se/2.2683/1.768479/nu-kan-du-visselblasa-till-integritetsskyddsmyndigheten
https://www.imy.se/privatperson/utfora-arenden/visselblasning/

UK heat wave causes Google and Oracle cloud outages (19 Jul)
https://www.bleepingcomputer.com/news/security/uk-heat-wave-causes-google-and-oracle-cloud-outages/

Neopets data breach exposes personal data of 69 million members (20 Jul)
https://www.bleepingcomputer.com/news/security/neopets-data-breach-exposes-personal-data-of-69-million-members/

US seizes stolen funds from suspected North Korean hackers (20 Jul)
https://www.bbc.com/news/technology-62239638

Microsoft Teams settings leave govt officials open to cyberattacks (21 Jul)
https://cybernews.com/security/microsoft-teams-settings-leave-govt-officials-open-to-cyberattacks/

Information security and miscellaneous

New Ransomware Groups on the Rise (12 Jul)
https://blog.cyble.com/2022/07/12/new-ransomware-groups-on-the-rise/

The Kit That Wants It All: Scam Mimics PayPal’s Known Security Measures (13 Jul)
https://www.akamai.com/blog/security/paypal-phishing-scam-mimics-known-security-measures

BlackCat ransomware attacks not merely a byproduct of bad luck (14 Jul)
https://news.sophos.com/en-us/2022/07/14/blackcat-ransomware-attacks-not-merely-a-byproduct-of-bad-luck/

North Korean threat actor targets small and midsize businesses with H0lyGh0st ransomware (14 Jul)
https://www.microsoft.com/security/blog/2022/07/14/north-korean-threat-actor-targets-small-and-midsize-businesses-with-h0lygh0st-ransomware/

CP/M's open-source status clarified after 21 years (15 Jul)
https://www.theregister.com/2022/07/15/cpm_open_source

Digium Phones Under Attack: Insight Into the Web Shell Implant (15 Jul)
https://unit42.paloaltonetworks.com/digium-phones-web-shell/

SATAn: Air-Gap Exfiltration Attack via Radio Signals From SATA Cables (15 Jul)
https://arxiv.org/abs/2207.07413

Anatomy of Attack: Truth Behind the Costa Rica Government Ransomware 5-Day Intrusion (18 Jul)
https://www.advintel.io/post/anatomy-of-attack-truth-behind-the-costa-rica-government-ransomware-5-day-intrusion

Russian APT29 Hackers Use Online Storage Services, DropBox and Google Drive (19 Jul)
https://unit42.paloaltonetworks.com/cloaked-ursa-online-storage-services-campaigns/

Continued cyber activity in Eastern Europe observed by TAG (19 Jul)
https://blog.google/threat-analysis-group/continued-cyber-activity-in-eastern-europe-observed-by-tag/

I see what you did there: A look at the CloudMensis macOS spyware (19 Jul)
https://www.welivesecurity.com/2022/07/19/i-see-what-you-did-there-look-cloudmensis-macos-spyware/

Redeemer Ransomware back Action (20 Jul)
https://blog.cyble.com/2022/07/20/redeemer-ransomware-back-action/

Lightning Framework: New Undetected “Swiss Army Knife” Linux Malware (21 Jul)
https://www.intezer.com/blog/research/lightning-framework-new-linux-threat/

British intelligence recycles old argument for borking encryption: think of the children! (22 Jul)
https://www.theregister.com/2022/07/22/british_encryption_scanning/

Ukrainian Radio Stations Hacked to Broadcast Fake News About Zelenskyy's Health (22 Jul)
https://thehackernews.com/2022/07/ukrainian-radio-stations-hacked-to.html

CERT-SE this week

Critical vulnerabilities in Cisco Nexus Dashboard

Critical vulnerabilities in products from Atlassian

Oracle's quarterly security update for July 2022