CERT-SE:s veckobrev v.7

Veckobrev

Blandade nyheter från veckan som gått.

Nyheter i veckan

Financial Firms Targeted With New Type of Backdoor: Report (7 feb) https://www.bankinfosecurity.com/financial-firms-targeted-new-type-backdoor-report-a-13699

Ransomware installs Gigabyte driver to kill antivirus products (7 feb) https://www.zdnet.com/article/ransomware-installs-gigabyte-driver-to-kill-antivirus-products

43% of cloud databases are not encrypted: Palo Alto Networks (7 feb) https://www.expresscomputer.in/cloud/43-of-cloud-databases-are-not-encrypted-palo-alto-networks/48745/

How to Update the Windows 10 Antivirus Using Just a Command (7 feb) https://news.softpedia.com/news/how-to-update-the-windows-10-antivirus-using-just-a-command-529132.shtml

Dutch university paid $220,000 ransom to hackers after Christmas attack (7 feb) https://www.grahamcluley.com/dutch-university-ransomware/

How Shadow IT could put your organization at risk (7 feb) https://www.techrepublic.com/article/how-shadow-it-could-put-your-organization-at-risk

IoT devices at major Manufacturers infected with crypto-miner (8 feb) https://securityaffairs.co/wordpress/97495/malware/iot-devices-manufacturers-miner.html

10 Tenets for Cyber Resilience in a Digital World (9 feb) https://www.tripwire.com/state-of-security/featured/10-tenets-cyber-resilience

IoT security: Five things to change to make your smart devices really secure (9 feb) https://www.zdnet.com/article/iot-security-five-things-to-change-to-make-your-smart-devices-really-secure/

The top ten password-cracking techniques used by hackers (10 feb) https://www.itpro.co.uk/security/34616/the-top-ten-password-cracking-techniques-used-by-hackers

Forgotten motherboard driver turns out to be perfect for slipping Windows ransomware past antivirus checks (11 feb) https://www.theregister.co.uk/2020/02/11/forgotten_gigabte_driver_robbinhood/

Mac malware reports grew 400% in 2019 (12 feb) https://www.trustedreviews.com/news/mac-malware-reports-grew-400-in-2019-3983646

Digital certificates still cause unplanned downtime and application outages (14 feb) https://www.helpnetsecurity.com/2020/02/14/digital-certificates-downtime/

Informationssäkerhet och blandat

Cybersäkerhet och styrelsens ansvar (årsrapport från finska TRAFICOM, finländska Transport- och kommunikationsverket) https://www.kyberturvallisuuskeskus.fi/sites/default/files/media/publication/T_KyberHV_SWEdigi_auk280120.pdf

U.S. Charges 4 Chinese Military Officers in 2017 Equifax Hack (10 feb) https://krebsonsecurity.com/2020/02/u-s-charges-4-chinese-military-officers-in-2017-equifax-hack

Day in the Life of a Bot (10 feb) https://www.darkreading.com/attacks-breaches/day-in-the-life-of-a-bot/a/d-id/1336954

Software error exposes the ID numbers for 1.26 million Danish citizens (10 feb) https://www.zdnet.com/article/software-error-exposes-the-id-numbers-for-1-26-million-danish-citizens/

Chefläkaren om IT-haveriet: “Aldrig varit med om något liknande” (10 feb) https://sverigesradio.se/sida/artikel.aspx?programid=96&artikel=7403282

Efter skandalen - svenskt företag utreder produkterna (12 feb) https://sverigesradio.se/sida/artikel.aspx?programid=83&artikel=7406894

CERT-SE i veckan

Säkerhetsuppdateringar från Adobe Microsofts säkerhetsuppdateringar för februari