CERT-SE's weekly newsletter, week 9

Weekly newsletter

We are marking International RSI Day [1], which falls on the last day of February every year, by sharing some first-rate preventive exercises: https://www.youtube.com/watch?v=eMalB40vkaU

Have a nice weekend!

[1] *International RSI Day, or International RSI Awareness Day: an annual day for raising awareness of repetitive strain injuries (RSI) caused by working at a computer.*

News this week

Perilous Peripherals: The Hidden Dangers Inside Windows & Linux Computers (18 feb) https://eclypsium.com/2020/2/18/unsigned-peripheral-firmware/

Mobile malware and exploitation amongst biggest cyber threats for 2020 (24 feb) https://securitybrief.co.nz/story/mobile-malware-and-exploitation-amongst-biggest-cyber-threats-for-2020

FireEye Mandiant M-Trends 2020 report: 500+ new Malware strains in 2019 (24 feb) https://securityaffairs.co/wordpress/98330/malware/malware-found-fireeye-report.html

Why Minimizing Human Error is the Only Viable Defense Against Spear Phishing (25 feb) https://thehackernews.com/2020/02/spear-phishing-cybersecurity.html ..
Report: https://docs.apwg.org/reports/apwg_trends_report_q4_2019.pdf

DoppelPaymer Ransomware Launches Site to Post Victim’s Data (25 feb) https://www.bleepingcomputer.com/news/security/doppelpaymer-ransomware-launches-site-to-post-victims-data/

Flaw in billions of Wi-Fi devices left communications open to eavesdropping (26 feb) https://arstechnica.com/information-technology/2020/02/flaw-in-billions-of-wi-fi-devices-left-communications-open-to-eavesdroppng/

Facial-Recognition Company That Works With Law Enforcement Says Entire Client List Was Stolen (26 feb) https://www.thedailybeast.com/clearview-ai-facial-recognition-company-that-works-with-law-enforcement-says-entire-client-list-was-stolen

Three ways attackers get around TOTP authentication (26 feb) https://www.itproportal.com/features/three-ways-attackers-get-around-totp-authentication/

Sports retailer Decathlon spills 123 million records, including unencrypted employee passwords (26 feb) https://www.computing.co.uk/news/4011409/decathlon-data-breach-passwords

Kr00k Bug in Broadcom, Cypress WiFi Chips Leaks Sensitive Info (26 feb) https://www.bleepingcomputer.com/news/security/kr00k-bug-in-broadcom-cypress-wifi-chips-leaks-sensitive-info/ ..
What is Kr00k?: https://www.eset.com/int/kr00k/

Reading Municipal Light Department, an electric utility in Massachusetts, hit by ransomware (26 feb) https://securityaffairs.co/wordpress/98508/cyber-crime/reading-municipal-light-department-ransomware.html

Hackers can peep through this smart vacuum’s camera, research shows (26 feb) https://www.cnet.com/news/hackers-can-peep-through-this-smart-vacuums-camera-research-shows/

Zyxel storage, firewall, VPN, security boxes have a give-anyone-on-the-internet-root hole: Patch right now (26 feb) https://www.theregister.co.uk/2020/02/26/zyxel_security_hole/

Hackers adopting more advanced ransomware tactics (26 feb) https://www.itproportal.com/news/hackers-moving-towards-a-more-complex-post-compromise-ransomware-approach/

How a Hacker’s Mom Broke Into a Prison—and the Warden’s Computer (26 feb) https://www.wired.com/story/hackers-mom-broke-into-prison-wardens-computer/

How one man could have flooded your phone with Microsoft spam (27 feb) https://nakedsecurity.sophos.com/2020/02/27/how-one-man-could-have-flooded-your-phone-with-microsoft-spam/

DHS cyber chief takes on ransomware (27 feb) https://gcn.com/articles/2020/02/27/rsa-cisa-krebs-ransomware.aspx

Cisco patches incoming to address Kr00k vulnerability impacting routers, firewall products (27 feb) https://www.zdnet.com/article/cisco-says-patches-incoming-to-address-new-kr00k-vulnerability-impacting-routers-firewall-products/

Mac adware is more sophisticated and dangerous than traditional Mac malware (27 feb) https://blog.malwarebytes.com/mac/2020/02/mac-adware-is-more-sophisticated-dangerous-than-traditional-mac-malware/

Android malware can steal Google Authenticator 2FA codes (27 feb) https://www.zdnet.com/article/android-malware-can-steal-google-authenticator-2fa-codes/

Let’s Encrypt Has Issued a Billion Certificates (27 feb) https://letsencrypt.org/2020/02/27/one-billion-certs.html

The ransomware attack took over computers with digital evidence on six suspected drug dealers. (27 feb) https://www.hackread.com/police-loses-evidence-ryuk-ransomware-attack-suspects-walk-free/

“Norrbotten poorly equipped against cyber threats” (28 feb) https://www.svt.se/nyheter/lokalt/norrbotten/norrbotten-daligt-rustat-mot-cyberhot

Information security and miscellaneous

Many Tech Experts Say Digital Disruption Will Hurt Democracy (21 feb) https://www.pewresearch.org/internet/2020/02/21/many-tech-experts-say-digital-disruption-will-hurt-democracy/

Using the FortiGuard Labs Threat Landscape Report to Defend Against Evolving Cybercrime (26 feb) https://www.fortinet.com/blog/threat-research/using-the-fortiguard-labs-threat-landscape-report-to-defend-against-evolving-cybercrime.html ..
Report: https://www.fortinet.com/content/dam/maindam/PUBLIC/02_MARKETING/08_Report/Threat-Report-Q4-2019.pdf

IT problems at the police closed Sweden's borders (27 feb) https://www.dn.se/nyheter/sverige/dataproblem-hos-polisen-stangde-sveriges-granser/

Data leak at H&M: 600 employees affected (28 feb) https://sverigesradio.se/sida/artikel.aspx?programid=83&artikel=7413099

Elections Cyber Tabletop in a Box https://www.cisa.gov/publication/elections-cyber-tabletop-box ..
https://www.cisa.gov/sites/default/files/publications/Elections-Cyber-Tabletop-Exercise-Package-20200128-508.pdf

CERT-SE this week

Active scanning for vulnerable Microsoft Exchange servers

Critical vulnerability in OpenSMTPD