CERT-SE:s veckobrev v.4

Veckobrev

Blandade nyheter från veckan som gått.

Trevlig helg!

Nyheter i veckan

Top 5 Security Predictions for the Pace of Cloud (17 jan)
https://www.eweek.com/security/top-5-security-predictions-for-the-pace-of-cloud ..
Rapport: https://www.oracle.com/cloud/cloud-threat-report/ (anm.: Kräver registrering)

Cyberattack on a Major Bank Would Have Ripple Effect: Study (17 jan)
https://www.govinfosecurity.com/cyberattack-on-major-bank-would-have-ripple-effect-study-a-13620

Turkish Hackers hit Greek Government websites and local stock exchange (18 jan)
https://securityaffairs.co/wordpress/96550/hacktivism/turkish-hackers-greek-government.html

Hacker leaks passwords for more than 500,000 servers, routers, and IoT devices (19 jan)
https://www.zdnet.com/article/hacker-leaks-passwords-for-more-than-500000-servers-routers-and-iot-devices/#ftag=RSSbaffb68

IT-problem hos Kronofogden påverkar företagare (19 jan)
https://sverigesradio.se/sida/artikel.aspx?programid=106&artikel=7386113

It-revision: Ett hett och viktigt område i framtiden (20 jan)
https://www.tidningenbalans.se/nyheter/it-revision-ett-hett-och-viktigt-omrade-i-framtiden/

This free ransomware decryption tool just got a handy update (20 jan)
https://www.zdnet.com/article/this-free-ransomware-decryption-tool-just-got-a-handy-update/

Flowchart Citrix vulnerability (21 jan)
https://english.ncsc.nl/publications/publications/2020/januari/21/flowchart-citrix-vulnerability

Muhstik Botnet Attacks Tomato Routers to Harvest New IoT Devices (21 jan)
https://unit42.paloaltonetworks.com/muhstik-botnet-attacks-tomato-routers-to-harvest-new-iot-devices/

What is a false flag? How state-based hackers cover their tracks (21 jan)
https://sg.channelasia.tech/article/670150/what-false-flag-how-state-based-hackers-cover-their-tracks/

Detecting attacks leveraging the .NET Framework (22 jan)
https://redcanary.com/blog/detecting-attacks-leveraging-the-net-framework/

WEF Report: Cyberattacks Rank Just Below Climate Change as an Existential Threat (22 jan)
https://www.tenable.com/blog/wef-report-cyberattacks-rank-just-below-climate-change-as-an-existential-threat

Idaho National Lab researcher shines a light on the market for ICS zero-days (22 jan)
https://www.cyberscoop.com/ics-zero-day-exploit-idaho-lab-s4/

Uppgifter: Amazontoppen Jeff Bezos telefon hackades av Saudiarabien (22 jan)
https://www.dn.se/nyheter/varlden/uppgifter-amazontoppen-jeff-bezos-telefon-hackades-av-saudiarabien/

Here Is the Technical Report Suggesting Saudi Arabia’s Prince Hacked Jeff Bezos’ Phone (22 jan)
https://www.vice.com/en_us/article/v74v34/saudi-arabia-hacked-jeff-bezos-phone-technical-report

How to stop typosquatting attacks (23 jan)
https://opensource.com/article/20/1/stop-typosquatting-attacks

Polisanställd dömd för dataintrång - sökte information om pojkvännen (23 jan)
https://www.expressen.se/kvallsposten/polisanstalld-domd-for-dataintrang-sokte-information-om-pojkvannen/

Fritt fram för försvarsanställda att använda riskabla appar (23 jan)
https://www.breakit.se/artikel/23384/fritt-fram-for-forsvarsanstallda-att-anvanda-riskabla-appar

Chef misstänks övervaka anställda via kamera (23 jan)
https://sverigesradio.se/sida/artikel.aspx?programid=109&artikel=7391301

“Det är mycket svårare att idag slå ut ett lands finansiella system” (24 jan)
https://www.realtid.se/det-ar-mycket-svarare-att-idag-sla-ut-ett-lands-finansiella-system

CERT-SE i veckan

Cisco rättar flera sårbarheter

Kritisk sårbarhet i Internet Explorer