CERT-SE:s veckobrev v.1
Årets första vecka bjuder på blandad läsning med nyheter och fördjupningar om ransomware, årsskiftessummeringar samt den nya MSB-rapporten Ändringar som både hotar och skyddar - 20 rekommendationer för säkrare ändringar i våra informationssystem.
Trevlig läsning och Trettondagshelg önskar CERT-SE!
Nyheter i veckan
Canadian mining firm shuts down mill after ransomware attack (30 dec) https://www.bleepingcomputer.com/news/security/canadian-mining-firm-shuts-down-mill-after-ransomware-attack/
Why MFA Can’t Combat Growing Infostealer Malware Attacks (31 dec) https://www.govinfosecurity.com/mfa-cant-combat-growing-infostealer-malware-attacks-a-20785
Bristol Community College reveals they were the victim of a criminal cyberattack (31 dec) https://fallriverreporter.com/bristol-community-college-reveals-they-were-the-victim-of-a-criminal-cyberattack/
Våg av dataintrång oroar experter (2 jan) https://www.dn.se/sverige/vag-av-dataintrang-oroar-experter/
Port of Lisbon targeted by LockBit ransomware hackers, website still down down (2 jan) https://industrialcyber.co/news/port-of-lisbon-targeted-by-lockbit-ransomware-hackers-website-still-down/
Hackergruppen ”Alverna” slåss mot ryska troll (2 jan) https://www.svt.se/nyheter/utrikes/alverna-star-vid-informationskrigets-frontlinje
BitRAT Now Sharing Sensitive Bank Data as a Lure (3 jan) https://blog.qualys.com/vulnerabilities-threat-research/2023/01/03/bitrat-now-sharing-sensitive-bank-data-as-a-lure
Toyota’s Indian unit warns of a possible customer data breach (3 jan) https://www.reuters.com/technology/toyotas-indian-unit-warns-possible-customer-data-breach-2023-01-01/
Ransomware impacts over 200 govt, edu, healthcare orgs in 2022 (3 jan) https://www.bleepingcomputer.com/news/security/ransomware-impacts-over-200-govt-edu-healthcare-orgs-in-2022/
Så riktas hackarattacker mot Ukraina – ryska grupper pekas ut (3 jan) https://www.dn.se/varlden/sa-riktas-hackarattacker-mot-ukraina-ryska-grupper-pekas-ut/
Hackers claim ransomware attack on Los Angeles housing authority (3 jan) https://techcrunch.com/2023/01/03/hackers-claims-ransomware-attack-on-los-angeles-housing-authority/
Royal ransomware claims attack on Queensland University of Technology (3 jan) https://www.bleepingcomputer.com/news/security/royal-ransomware-claims-attack-on-queensland-university-of-technology/
Many Exchange servers still vulnerable to ProxyNotShell flaw (3 jan) https://www.techtarget.com/searchsecurity/news/252528809/Many-Exchange-servers-still-vulnerable-to-ProxyNotShell-flaw
Cyberattackers Torch Python Machine Learning Project (3 jan) https://www.darkreading.com/application-security/cyberattackers-torch-python-machine-learning-project
Rail giant Wabtec discloses data breach after Lockbit ransomware attack (3 jan) https://www.bleepingcomputer.com/news/security/rail-giant-wabtec-discloses-data-breach-after-lockbit-ransomware-attack/
Swansea Public Schools canceled on Wednesday after cyber attack (3 jan) https://eu.heraldnews.com/story/news/education/2023/01/03/swansea-public-schools-canceled-on-wednesday-after-cyber-attack/69775598007/
Cyber attack on car dealership Arnold Clark forces systems offline (4 jan) https://www.itpro.com/security/cyber-attacks/369792/cyber-attack-arnold-clark-forces-systems-offline
Cyber attack leaves school board’s employee data compromised (4 jan) https://www.insurancebusinessmag.com/ca/news/cyber/cyber-attack-leaves-school-boards-employee-data-compromised-431758.aspx
New Phishing Campaign Impersonates Flipper Zero to Target Cyber Professionals (4 jan) https://www.infosecurity-magazine.com/news/phishing-campaign-uses-flipper-zero/
Hacker Selling Data Allegedly Stolen From Volvo Cars Following Ransomware Attack (4 jan) https://www.securityweek.com/hacker-selling-data-allegedly-stolen-volvo-cars-following-ransomware-attack
Slack’s private GitHub code repositories stolen over holidays (5 jan) https://www.bleepingcomputer.com/news/security/slacks-private-github-code-repositories-stolen-over-holidays/
Informationssäkerhet och blandat
Counting Down to Quantum? Here’s What Security Teams Need To Know (30 dec) https://www.cpomagazine.com/cyber-security/counting-down-to-quantum-heres-what-security-teams-need-to-know/ .. https://www.infosecurity-magazine.com/news/biden-quantum-cybersecurity-law/
The world’s most common passwords: What to do if yours is on the list (2 jan) https://www.welivesecurity.com/2023/01/02/most-common-passwords-what-do-if-yours-list/
Ransomware ecosystem becoming more diverse for 2023 (2 jan) https://www.csoonline.com/article/3684248/ransomware-ecosystem-becoming-more-diverse-for-2023.html
The State of Ransomware in the US: Report and Statistics 2022 (2 jan) https://www.emsisoft.com/en/blog/43258/the-state-of-ransomware-in-the-us-report-and-statistics-2022/
Our Experts’ Top Cybersecurity Predictions for 2023 (2 jan) https://www.cisecurity.org/insights/blog/our-experts-top-cybersecurity-predictions-for-2023
Europol: Digital skimming (3 jan) https://www.europol.europa.eu/operations-services-and-innovation/public-awareness-and-prevention-guides/digital-skimming
Learning from Ghana’s Multistakeholder Approach to Cyber Security (3 jan) https://africacenter.org/spotlight/ghana-multistakeholder-cyber-security/
The FBI’s Perspective on Ransomware (4 jan) https://thehackernews.com/2023/01/the-fbis-perspective-on-ransomware.html
Ransomware hit US schools at steady rate in 2022 (4 jan) https://www.cybersecuritydive.com/news/ransomware-schools-steady-rate-2022/639610/
Rapport: Ändringar som både hotar och skyddar: 20 rekommendationer för säkrare ändringar i våra informationssystem (4 jan) https://www.msb.se/sv/publikationer/andringar-som-bade-hotar-och-skyddar-20-rekommendationer-for-sakrare-andringar-i-vara-informationssystem/