CERT-SE:s veckobrev v.33
Ett brittiskt vattenföretag har utsatts för cyberattack, konferenserna DEFCON och Black Hat USA har varit förra veckan och CISA har publicerat fem säkerhetsråd gällande industriella styr- och kontrollsystem (ICS).
Håll huvudet kallt i sommarvärmen och era enheter väl uppdaterade.
Trevlig helg!
Nyheter i veckan
This Anti-Tracking Tool Checks If You’re Being Followed (11 aug)
https://www.wired.com/story/this-anti-tracking-tool-checks-if-youre-being-followed/
Alert (AA22-223A) | #StopRansomware: Zeppelin Ransomware (11 aug)
https://www.cisa.gov/uscert/ncas/alerts/aa22-223a
A vulnerability was found in Electron which is what drives Discord, Spotify, and Microsoft Teams (12 aug)
https://www.malwarebytes.com/blog/news/2022/08/a-vulnerability-was-found-in-electron-which-is-what-drives-discord-spotify-and-microsoft-teams
Evil PLC Attack: Using a Controller as Predator Rather than Prey (13 aug)
https://claroty.com/team82/research/evil-plc-attack-using-a-controller-as-predator-rather-than-prey
Over 9,000 VNC servers exposed online without a password (14 aug)
https://www.bleepingcomputer.com/news/security/over-9-000-vnc-servers-exposed-online-without-a-password/
Sverige sticker ut i ny mätning – så många VNC-servrar saknar lösenord (15 aug)
https://computersweden.idg.se/2.2683/1.769288/oskyddade-vnc-servrar
Nearly 1,900 Signal Messenger Accounts Potentially Compromised in Twilio Hack (15 aug)
https://thehackernews.com/2022/08/nearly-1900-signal-messenger-accounts.html
This String of Emojis Is Actually Malware (15 aug)
https://www.vice.com/en/article/wxnj49/this-string-of-emojis-is-actually-malware
Australian hacker devises jailbreak to run Doom on John Deere combines (16 aug)
https://www.techspot.com/news/95635-australian-hacker-devises-jailbreak-run-doom-john-deere.html
Staffordshire water company confirms cyber attack (16 aug)
https://www.irishnews.com/magazine/technology/2022/08/16/news/staffordshire_water_company_confirms_cyber_attack-2800666/
Water Company Says Supply Safe After Ransom Group Claims (16 aug)
https://www.infosecurity-magazine.com/news/water-company-says-supply-safe/
Hackers attack UK water supplier but extort wrong company (16 aug)
https://www.bleepingcomputer.com/news/security/hackers-attack-uk-water-supplier-but-extort-wrong-company/
Brazilian police launch investigation targeting Lapsus$ group (16 aug)
https://therecord.media/brazilian-police-launch-investigation-targeting-lapsus-group/
RTLS systems vulnerable to MiTM attacks, location manipulation (16 aug)
https://www.bleepingcomputer.com/news/security/rtls-systems-vulnerable-to-mitm-attacks-location-manipulation/
Fortinet: Use of wipers expanding beyond Ukraine to 24 countries (17 aug)
https://therecord.media/fortinet-use-of-wipers-expanding-beyond-ukraine-to-24-countries/
Malicious PyPi packages turn Discord into password-stealing malware (17 aug)
https://www.bleepingcomputer.com/news/security/malicious-pypi-packages-turn-discord-into-password-stealing-malware/
Estonia subjected to ‘extensive’ cyberattacks after moving Soviet monuments (18 aug)
https://news.err.ee/1608688201/estonia-subjected-to-extensive-cyberattacks-after-moving-soviet-monuments
CISA releases 5 Industrial Control Systems Advisories (18 aug)
https://www.cisa.gov/uscert/ncas/current-activity/2022/08/18/cisa-releases-5-industrial-control-systems-advisories
Informationssäkerhet och blandat
Ransomware Groups Refine Shakedown and Monetization Models (12 aug)
https://www.bankinfosecurity.com/ransomware-groups-refine-shakedown-monetization-models-a-19790
Microsoft disrupts Russian hackers’ operation on NATO targets (15 aug)
https://www.bleepingcomputer.com/news/security/microsoft-disrupts-russian-hackers-operation-on-nato-targets/
When Efforts to Contain a Data Breach Backfire (16 aug)
https://krebsonsecurity.com/2022/08/when-efforts-to-contain-a-data-breach-backfire/
Microsoft Employees Exposed Own Company’s Internal Logins (16 aug)
https://www.vice.com/en/article/m7gb43/microsoft-employees-exposed-login-credentials-azure-github
Healthcare Breaches Costliest for 12 Years Running, Hit New $10.1M Record High (17 aug)
https://securityintelligence.com/posts/healthcare-data-breaches-costliest/
iOS VPNs have leaked traffic for more than 2 years, researcher claims (17 aug)
https://arstechnica.com/information-technology/2022/08/ios-vpns-still-leak-traffic-more-than-2-years-later-researcher-claims/
Mozilla finds 18 of 25 popular reproductive health apps share your data (17 aug)
https://www.theregister.com/2022/08/17/mozilla_pregnancy_app/
Samhällets informations- och cybersäkerhet (18 aug)
https://www.riksrevisionen.se/nu-granskas/pagaende-granskningar/samhallets-informations–och-cybersakerhet.html
Janet Jackson music video declared a cybersecurity exploit (18 aug)
https://www.theregister.com/2022/08/18/janet_jackson_video_crashes_laptops/
Apple varnar för säkerhetsbrist hos Iphones och Ipads (19 aug)
https://www.dn.se/ekonomi/apple-varnar-for-sakerhetsbrist-hos-iphones-och-ipads/