CERT-SE:s veckobrev v.43

Vecka 43 lider mot sitt slut och det betyder Veckobrev! Trevlig helg!

Nyheter i veckan

Tools and Tactics of the Sodinokibi Ransomware Distributors
https://www.bleepingcomputer.com/news/security/tools-and-tactics-of-the-sodinokibi-ransomware-distributors/

Avast fights off cyber-espionage attempt, Abiss
https://blog.avast.com/ccleaner-fights-off-cyberespionage-attempt-abiss

Estonia is running its country like a tech company
https://qz.com/1535549/living-on-the-blockchain-is-a-game-changer-for-estonian-citizens/

CPDoS: Cache Poisoned Denial of Service
https://cpdos.org/

Smart Spies: Alexa and Google Home expose users to vishing and eavesdropping
https://srlabs.de/bites/smart-spies/

AWS servers hit by sustained DDoS attack
https://www.itpro.co.uk/amazon-web-services-aws/34679/aws-servers-hit-by-sustained-ddos-attac

5G Myth Busting: Unpacking the Cybersecurity Risks and Realities
https://www.securityweek.com/5g-myth-busting-unpacking-cybersecurity-risks-and-realities

Trots rädsla för brott – stor okunskap kring nätsäkerhet
https://www.svt.se/nyheter/lokalt/gavleborg/trots-radsla-for-brott-stor-okunskap-kring-natsakerhet

Winnti Group’s skip‑2.0: A Microsoft SQL Server backdoor
https://www.welivesecurity.com/2019/10/21/winnti-group-skip2-0-microsoft-sql-server-backdoor/

Ny rapport slår fast – Försäkringskassan bra på statlig it-drift
https://computersweden.idg.se/2.2683/1.725480/statligt-moln-forsakringskassan

QSnatch - Malware designed for QNAP NAS devices
https://www.kyberturvallisuuskeskus.fi/en/news/qsnatch-malware-designed-qnap-nas-devices

HELO Winnti: Attack or Scan?
https://www.lastline.com/labsblog/helo-winnti-attack-scan/

A Deep-Dive Analysis of the NukeSped RATs
https://www.fortinet.com/blog/threat-research/deep-analysis-nukesped-rat.html

Data collectors
https://securelist.com/data-collectors/94339/

CERT-SE i veckan

Oktober 2019: Nya angrepp mot e-postkonton i Office 365 och Exchange