CERT-SE:s veckobrev v.45

Veckobrev

Blandade nyheter från veckan. Europeiska politiker uttrycker oro för spionprogram samtidigt som Europaparlamentet formellt nu antagit det reviderade NIS-direktivet. Och grattis till Pia Gruvö som ersätter Anne-Marie Eklund Löwinder som en av internets 14 nyckelbärare!

Trevlig helg önskar CERT-SE!

Nyheter i veckan

Microsoft Digital Defense Report 2022 (4 nov)
https://www.microsoft.com/en-us/security/business/microsoft-digital-defense-report-2022

Red Cross Eyes Digital Emblem for Cyberspace Protection (4 nov)
https://www.securityweek.com/red-cross-seeks-digital-emblem-protect-against-hackinghttps://www.icrc.org/en/document/icrc-proposes-digital-red-crosscrescent-emblem-signal-protection-cyberspace

Uponor: Utsatts för hackingsangrepp med ransomware (7 nov)
https://www.di.se/bors/telegram/7086c07c-a967-43e0-bdc7-519d193c5020/https://www.uponor.com/en-en/a-cyber-security-attack-against-uponor

Rapport: State of the Security – svensk offentlig sektor (7 nov)
https://www.orangecyberdefense.com/se/branscher/publik-sektor/rapport-publik-sektor

NIST on tap to improve cybersecurity of water systems (7 nov)
https://fcw.com/security/2022/11/nist-tap-improve-cybersecurity-water-systems/379390/

Azov Ransomware is a wiper, destroying data 666 bytes at a time (7 nov)
https://www.bleepingcomputer.com/news/security/azov-ransomware-is-a-wiper-destroying-data-666-bytes-at-a-time/

Microsoft hits the switch on password-free smartphone authentication (7 nov)
https://www.theregister.com/2022/11/07/microsoft_azure_phishing_mfa/

Sajten kraschade – trots att SJ rustat upp inför julbiljettsläpp (8 nov)
https://www.gp.se/nyheter/sverige/sajten-kraschade-trots-att-sj-rustat-upp-inf%C3%B6r-julbiljettsl%C3%A4pp-1.85065688

SolarWinds Agrees to Pay $26 Million to Settle Shareholder Lawsuit Over Data Breach (8 nov)
https://www.securityweek.com/solarwinds-agrees-pay-26-million-settle-shareholder-lawsuit-over-data-breach

October’s Most Wanted Malware: AgentTesla Knocks Formbook off Top Spot and New Text4Shell Vulnerability Disclosed (8 nov)
https://blog.checkpoint.com/2022/11/08/octobers-most-wanted-malware-agenttesla-knocks-formbook-off-top-spot-and-new-text4shell-vulnerability-disclosed/

LockBit 3.0 Being Distributed via Amadey Bot (8 nov)
https://asec.ahnlab.com/en/41450/

Spyware Is Running Amok in Europe, EU Lawmaker Warns (8 nov)
https://news.yahoo.com/spyware-running-amok-europe-eu-114009923.html

They See Me Roaming: Following APT29 by Taking a Deeper Look at Windows Credential Roaming (8 nov)
https://www.mandiant.com/resources/blog/apt29-windows-credential-roaming

Hackers Leak Australian Health Records on Dark Web (8 nov)
https://www.securityweek.com/hackers-leak-australian-health-records-dark-web

An Oil and Gas Weak Spot: Flow Computers (8 nov)
https://claroty.com/team82/research/an-oil-and-gas-weak-spot-flow-computers

Threat Spotlight: Cyber Criminal Adoption of IPFS for Phishing, Malware Campaigns (9 nov)
https://blog.talosintelligence.com/ipfs-abuse/

Egypt’s COP27 summit app is a cyber weapon, experts warn (9 nov)
https://www.politico.eu/article/cop-27-climate-change-app-cybersecurity-weapon-risks/

Defeating Phishing-Resistant Multifactor Authentication (9 nov)
https://www.schneier.com/blog/archives/2022/11/defeating-phishing-resistant-multifactor-authentication.htmlhttps://www.linkedin.com/pulse/phishing-resistant-mfa-does-mean-un-phishable-roger-grimes/

Mississippi election websites knocked out by DDoS attack (9 nov)
https://therecord.media/mississippi-election-websites-knocked-out-by-ddos-attack/

Transforming the Vulnerability Management Landscape (10 nov)
https://www.cisa.gov/blog/2022/11/10/transforming-vulnerability-management-landscape

Finland CERT reports record number of denial-of-service attacks (10 nov)
https://therecord.media/finland-cert-reports-record-number-of-denial-of-service-attacks/

PNG Steganography Hides Backdoor (10 nov)
https://decoded.avast.io/martinchlumecky/png-steganography/

Region Västerbotten har drabbats av IT och telefonistörningar (10 nov)
https://www.regionvasterbotten.se/region-vasterbotten-har-drabbats-av-it-och-telefonistorningar

Informationssäkerhet och blandat

Hon tar över en av internets 14 nycklar (4 nov)
https://computersweden.idg.se/2.2683/1.772432/hon-tar-over-en-av-internets-14-nycklar

US Seizes $3.4 Billion in Bitcoin Stolen From Silk Road (8 nov)
https://www.securityweek.com/us-seizes-34-billion-bitcoin-stolen-silk-road

Apple Is Tracking You Even When Its Own Privacy Settings Say It’s Not, New Research Says (8 nov)
https://gizmodo.com/apple-iphone-analytics-tracking-even-when-off-app-store-1849757558

Polischefen kan få sparken – åtalad för dataintrång (9 nov)
https://sverigesradio.se/artikel/polischefen-kan-fa-sparken-atalad-for-dataintrang

Cybersecurity: Parliament adopts new law to strengthen EU-wide resilience (10 nov)
https://www.europarl.europa.eu/news/en/press-room/20221107IPR49608/cybersecurity-parliament-adopts-new-law-to-strengthen-eu-wide-resilience

Instagram star gets 11 years for $300m email scam plot (10 nov)
https://www.theregister.com/2022/11/10/instagram_star_bec_prison/

Så här ser du ifall någon betalat för sin blå Twitter-bock (10 nov)
https://www.svt.se/nyheter/utrikes/twitter-elon-musk-verifierad-bla-bock-hur-kollar-man-betalat

Sällsynt 66 år gammal dator återfunnen – väger 360 kg (10 nov)
https://www.nyteknik.se/teknikhistoria/sallsynt-66-ar-gammal-dator-aterfunnen-vager-360-kg-7040474

PTS: Allvarliga brister i säkerheten hos Telenor (10 nov)
https://sverigesradio.se/artikel/pts-allvarliga-brister-i-sakerheten-hos-telenor

Finanssektorn utvald för pilotprojekt om cybersäkerhet (11 nov)
https://www.securityuser.com/se/Nyheter/Samhalle/finanssektorn-utvald-for-pilotprojekt-om-cybersakerhet

Royal Mail down: Tracking unavailable as outage exceeds 24 hours (11 nov)
https://www.bleepingcomputer.com/news/security/royal-mail-down-tracking-unavailable-as-outage-exceeds-24-hours/

Två män åtalade för grovt spioneri (11 nov)
https://via.tt.se/pressmeddelande/tva-man-atalade-for-grovt-spioneri?publisherId=3235540&releaseId=3334683

CERT-SE i veckan

Allvarliga sårbarheter i OpenLiteSpeed Web Server

Allvarliga sårbarheter i flera produkter från CiscoKritiska sårbarheter i WMware Workspace ONE Assist

Kritiska sårbarheter i Citrix-produkter

Microsofts månatliga säkerhetsuppdateringar för november 2022 (uppdaterad 2022-11-11)