Som du ser är vår webbplats inte anpassad för äldre webbläsare. Vi rekommenderar att du uppgraderar till en nyare webbläsare.
!!

Vi söker chef till Enheten för operativ cybersäkerhetsförmåga, en viktig roll i arbetet med att utveckla Sveriges förmåga att förebygga och hantera it-incidenter. Sista ansökningsdag är den 19 oktober.

Publicerad - Veckobrev

CERT-SE:s veckobrev v.33

Ett brittiskt vattenföretag har utsatts för cyberattack, konferenserna DEFCON och Black Hat USA har varit förra veckan och CISA har publicerat fem säkerhetsråd gällande industriella styr- och kontrollsystem (ICS). Håll huvudet kallt i sommarvärmen och era enheter väl uppdaterade.

Trevlig helg!

Nyheter i veckan

This Anti-Tracking Tool Checks If You’re Being Followed (11 aug)
https://www.wired.com/story/this-anti-tracking-tool-checks-if-youre-being-followed/

Alert (AA22-223A) | #StopRansomware: Zeppelin Ransomware (11 aug)
https://www.cisa.gov/uscert/ncas/alerts/aa22-223a

A vulnerability was found in Electron which is what drives Discord, Spotify, and Microsoft Teams (12 aug)
https://www.malwarebytes.com/blog/news/2022/08/a-vulnerability-was-found-in-electron-which-is-what-drives-discord-spotify-and-microsoft-teams

Evil PLC Attack: Using a Controller as Predator Rather than Prey (13 aug)
https://claroty.com/team82/research/evil-plc-attack-using-a-controller-as-predator-rather-than-prey

Over 9,000 VNC servers exposed online without a password (14 aug)
https://www.bleepingcomputer.com/news/security/over-9-000-vnc-servers-exposed-online-without-a-password/
..
Sverige sticker ut i ny mätning – så många VNC-servrar saknar lösenord (15 aug)
https://computersweden.idg.se/2.2683/1.769288/oskyddade-vnc-servrar

Nearly 1,900 Signal Messenger Accounts Potentially Compromised in Twilio Hack (15 aug)
https://thehackernews.com/2022/08/nearly-1900-signal-messenger-accounts.html

This String of Emojis Is Actually Malware (15 aug)
https://www.vice.com/en/article/wxnj49/this-string-of-emojis-is-actually-malware

Australian hacker devises jailbreak to run Doom on John Deere combines (16 aug)
https://www.techspot.com/news/95635-australian-hacker-devises-jailbreak-run-doom-john-deere.html

Staffordshire water company confirms cyber attack (16 aug)
https://www.irishnews.com/magazine/technology/2022/08/16/news/staffordshire_water_company_confirms_cyber_attack-2800666/
..
Water Company Says Supply Safe After Ransom Group Claims (16 aug)
https://www.infosecurity-magazine.com/news/water-company-says-supply-safe/
..
Hackers attack UK water supplier but extort wrong company (16 aug)
https://www.bleepingcomputer.com/news/security/hackers-attack-uk-water-supplier-but-extort-wrong-company/

Brazilian police launch investigation targeting Lapsus$ group (16 aug)
https://therecord.media/brazilian-police-launch-investigation-targeting-lapsus-group/

RTLS systems vulnerable to MiTM attacks, location manipulation (16 aug)
https://www.bleepingcomputer.com/news/security/rtls-systems-vulnerable-to-mitm-attacks-location-manipulation/

Fortinet: Use of wipers expanding beyond Ukraine to 24 countries (17 aug)
https://therecord.media/fortinet-use-of-wipers-expanding-beyond-ukraine-to-24-countries/

Malicious PyPi packages turn Discord into password-stealing malware (17 aug)
https://www.bleepingcomputer.com/news/security/malicious-pypi-packages-turn-discord-into-password-stealing-malware/

Estonia subjected to 'extensive' cyberattacks after moving Soviet monuments (18 aug)
https://news.err.ee/1608688201/estonia-subjected-to-extensive-cyberattacks-after-moving-soviet-monuments

CISA releases 5 Industrial Control Systems Advisories (18 aug)
https://www.cisa.gov/uscert/ncas/current-activity/2022/08/18/cisa-releases-5-industrial-control-systems-advisories

Informationssäkerhet och blandat

Ransomware Groups Refine Shakedown and Monetization Models (12 aug)
https://www.bankinfosecurity.com/ransomware-groups-refine-shakedown-monetization-models-a-19790

Microsoft disrupts Russian hackers' operation on NATO targets (15 aug)
https://www.bleepingcomputer.com/news/security/microsoft-disrupts-russian-hackers-operation-on-nato-targets/

When Efforts to Contain a Data Breach Backfire (16 aug)
https://krebsonsecurity.com/2022/08/when-efforts-to-contain-a-data-breach-backfire/

Microsoft Employees Exposed Own Company’s Internal Logins (16 aug)
https://www.vice.com/en/article/m7gb43/microsoft-employees-exposed-login-credentials-azure-github

Healthcare Breaches Costliest for 12 Years Running, Hit New $10.1M Record High (17 aug)
https://securityintelligence.com/posts/healthcare-data-breaches-costliest/

iOS VPNs have leaked traffic for more than 2 years, researcher claims (17 aug)
https://arstechnica.com/information-technology/2022/08/ios-vpns-still-leak-traffic-more-than-2-years-later-researcher-claims/

Mozilla finds 18 of 25 popular reproductive health apps share your data (17 aug)
https://www.theregister.com/2022/08/17/mozilla_pregnancy_app/

Samhällets informations- och cybersäkerhet (18 aug)
https://www.riksrevisionen.se/nu-granskas/pagaende-granskningar/samhallets-informations--och-cybersakerhet.html

Janet Jackson music video declared a cybersecurity exploit (18 aug)
https://www.theregister.com/2022/08/18/janet_jackson_video_crashes_laptops/

Apple varnar för säkerhetsbrist hos Iphones och Ipads (19 aug)
https://www.dn.se/ekonomi/apple-varnar-for-sakerhetsbrist-hos-iphones-och-ipads/

CERT-SE i veckan

Kritisk sårbarhet i Zimbra Collaboration Suite

Flera sårbarheter i Apple-produkter