CERT-SE:s veckobrev v.10
Veckans nyhetssvep bjuder på blandad läsning, och möjligheten till både filmtittning och poddlyssning.
Trevlig helg önskar CERT-SE!
Nyheter i veckan
Norrköpings kommun: Informationsfilm om cybersäkerhetsincidenten (3 mars)
https://norrkoping.se/nyhetsarkiv/nyheter/2023-03-03-informationsfilm-om-cybersakerhetsincidenten
High-Street Retailer WH Smith Breached; Hackers Access Company, Employee Data (3 mars)
https://www.bitdefender.com/blog/hotforsecurity/high-street-retailer-wh-smith-breached-hackers-access-company-employee-data/
New Backdoor MQsTTang Attributed to Mustang Panda Group (3 mars)
https://www.infosecurity-magazine.com/news/backdoor-mqsttang-attributed/
…https://www.welivesecurity.com/2023/03/02/mqsttang-mustang-panda-latest-backdoor-treads-new-ground-qt-mqtt/
Europol: Germany and Ukraine hit two high-value ransomware targets (6 mars)
https://www.europol.europa.eu/media-press/newsroom/news/germany-and-ukraine-hit-two-high-value-ransomware-targets
Cyberattack Hits Major Hospital in Spanish City of Barcelona (6 mars)
https://www.securityweek.com/cyberattack-hits-major-hospital-in-spanish-city-of-barcelona/
New HiatusRAT router malware covertly spies on victims (6 mars)
https://blog.lumen.com/new-hiatusrat-router-malware-covertly-spies-on-victims/
Cloud-Native Threats in 2023 (6 mars)
https://www.hackmageddon.com/2023/03/06/cloud-native-threats-in-2023/
Danish defense ministry bans TikTok on employee work phones (6 mars)
https://abcnews.go.com/Technology/wireStory/danish-defense-ministry-bans-tiktok-employee-work-phones-97653797
Acer confirms breach after 160GB of data for sale on hacking forum (7 mars)
https://www.bleepingcomputer.com/news/security/acer-confirms-breach-after-160gb-of-data-for-sale-on-hacking-forum/
Expanding Attack Blueprints: 2022 Annual Cybersecurity Report (7 mars)
https://www.trendmicro.com/en_us/research/23/c/expanding-attack-blueprints-2022-annual-cybersecurity-report-.html
What is a Website Defacement? (7 mars)
https://blog.sucuri.net/2023/03/what-is-website-defacement.html
Personuppgifter har läckt efter it-angrepp mot Humana (7 mars)
https://www.svt.se/nyheter/inrikes/personuppgifter-har-lackt-efter-it-attack-mot-humana
…https://www.humanagroup.se/media/pressmeddelanden/2023/it-angrepp-fran-tredje-part/
Akamai Mitigates Record DDoS Attack in Asia-Pacific (8 mars)
https://www.akamai.com/blog/security/record-breaking-ddos-in-apac
Severe vulnerabilities in Jenkins Server Lead to RCE (8 mars)
https://blog.aquasec.com/jenkins-server-vulnerabilities
…https://isc.sans.edu/podcastdetail.html?id=8402
FBI investigates data breach impacting U.S. House members and staff (8 mars)
https://www.bleepingcomputer.com/news/security/fbi-investigates-data-breach-impacting-us-house-members-and-staff/
New Variant of Fake-ChatGPT Chrome Extension Stealing Facebook Ad Accounts with Thousands of Daily Installs (8 mars)
https://labs.guard.io/fakegpt-new-variant-of-fake-chatgpt-chrome-extension-stealing-facebook-ad-accounts-with-4c9996a8f282
SR Gräns: Så slår Anonymous Sudan och ryska hackare mot Sverige (8 mars)
https://sverigesradio.se/avsnitt/sa-slar-anonymous-sudan-och-ryska-hackare-mot-sverige-grans
Surgeries Canceled After Barcelona Hospital Hit With Ransomware (8 mars)
https://healthnews.com/news/surgeries-canceled-after-barcelona-hospital-hit-with-ransomware/
Data breach hits ‘hundreds’ of lawmakers and staff on Capitol Hill (8 mars)
https://www.nbcnews.com/politics/congress/data-breach-hits-lawmakers-staff-capitol-hill-rcna74061
Backdoors Used in 21% of Cyberattacks (8 mars)
https://www.cfo.com/risk-compliance/information-security-risk-management/2023/03/cyber-attacks-cybersecurity-backdoor-cyber-thieves/
Akamai Mitigates Record DDoS Attack in Asia-Pacific (8 mars)
https://www.akamai.com/blog/security/record-breaking-ddos-in-apac
Old Cyber Gang Uses New Crypter – ScrubCrypt (8 mars)
https://www.fortinet.com/blog/threat-research/old-cyber-gang-uses-new-crypter-scrubcrypt
Inside Threat: Developers Leaked 10M Credentials, Passwords in 2022 (9 mars)
https://www.darkreading.com/application-security/inside-threat-developers-leaked-10m-credentials-passwords-2022
IceFire Ransomware Exploits IBM Aspera Faspex to Attack Linux-Powered Enterprise Networks (9 mars)
https://thehackernews.com/2023/03/icefire-linux-ransomware.html
AT&T alerts 9 million customers of data breach after vendor hack (9 mars)
https://www.bleepingcomputer.com/news/security/atandt-alerts-9-million-customers-of-data-breach-after-vendor-hack/
Beware of Fake Facebook Profiles, Google Ads Pushing Sys01 Stealer (9 mars)
https://www.hackread.com/fake-facebook-profiles-google-ads-sys01-stealer/
ECB to test banks for cyber resilience, Enria says (9 mars)
https://www.reuters.com/technology/ecb-test-banks-cyber-resilience-enria-says-2023-03-09/
Ransomware-attackerna mot Sverige värre än någonsin (10 mars)
https://computersweden.idg.se/2.2683/1.777246/ransomware-attackerna-tillbaka-i-sverige–laget-varre-an-nagonsin
FBI and international cops catch a NetWire RAT (10 mars)
https://www.theregister.com/2023/03/10/fbi_netwire_seizure/
Informationssäkerhet och övrigt
CERT-EU: Cyber Security Brief February 2023
https://cert.europa.eu/static/MEMO/2023/TLP-CLEAR-CB-23-03.pdf
MS-ISAC: 20 Years as Your Trusted Cyber Defense Community
https://www.cisecurity.org/insights/blog/ms-isac-20-years-as-your-trusted-cyber-defense-community
Biden-Harris Administration Announces National Cybersecurity Strategy
https://www.whitehouse.gov/briefing-room/statements-releases/2023/03/02/fact-sheet-biden-harris-administration-announces-national-cybersecurity-strategy/