CERT-SE:s veckobrev v.12

Veckobrev

Här kommer ett rykande färskt veckobrev från CERT-SE. Även här dominerar Corona-situationen och vi listar bland annat ett antal råd och rekommendationer hur man tryggar ett säkert och smidigt distansarbete för alla inom verksamheten.

Vi på CERT-SE passar på att önska en fin helg (glöm inte att tvätta händerna och stanna hemma vid minsta symtom på snuva eller hosta)!

Nyheter i veckan

Mass account takeovers using HTTP Request Smuggling on https://slackb.com/ to steal session cookies (12 mar) https://hackerone.com/reports/737140

Experterna: ”Cyberfysiska system – det är dit vi är på väg” (13 mar) https://www.nyteknik.se/automation/experterna-cyberfysiska-system-det-ar-dit-vi-ar-pa-vag-6990161

Saving Shadowserver and Securing the Internet — Why You Should Care & How You Can Help (16 mar) https://www.shadowserver.org/news/saving-shadowserver-and-securing-the-internet-why-you-should-care-how-you-can-help/ ..
https://www.wired.com/story/shadowserver-cisco-internet-cybersecurity/

WordPress to add auto-update feature for themes and plugins (16 mar) https://www.zdnet.com/article/wordpress-to-add-auto-update-feature-for-themes-and-plugins/

Five billion records exposed in open ‘data breach database’ (19 mar) https://www.scmagazine.com/home/security-news/database-security/five-billion-records-exposed-in-open-data-breach-database/

Cisco tackles root privilege vulnerability in SD-WAN software (19 mar) https://www.zdnet.com/article/cisco-tackles-root-privilege-vulnerability-in-sd-wan-software/

Evolution of malware obfuscation poses security concerns (19 mar) https://www.scmagazineuk.com/evolution-malware-obfuscation-poses-security-concerns/article/1677639

The 14 biggest data breaches of the 21st century (19 mar) https://www.csoonline.com/article/2130877/the-biggest-data-breaches-of-the-21st-century.html

APT28 has been scanning vulnerable email servers for more than a year (20 mar) https://www.zdnet.com/article/apt28-has-been-scanning-and-exploiting-vulnerable-email-servers-for-more-than-a-year/ ..
Rapport: https://documents.trendmicro.com/assets/white_papers/wp-pawn-storm-in-2019.pdf

Whatever happened to cryptojacking? (19 mar) https://www.tripwire.com/state-of-security/featured/whatever-happened-cryptojacking/

Security flaws found in popular password managers (19 mar) https://www.welivesecurity.com/2020/03/19/security-flaws-found-in-popular-password-managers/

Corona-relaterat

Quickly train employees to work (and children to learn) from home safely and securely https://www.sans.org/security-awareness-training/sans-security-awareness-work-home-deployment-kit

Top Tips for Cybersecurity when Working Remotely (15 mar) https://www.enisa.europa.eu/news/executive-news/top-tips-for-cybersecurity-when-working-remotely

Mer hjemmekontor – store muligheter, men også risikoer (16 mar) https://www.nsm.stat.no/aktuelt/mer-hjemmekontor–store-muligheter-men-ogsa-risikoer/

Working from home? Here are the steps all workers and companies should take to avoid cyberattacks, according to experts (16 mar) https://www.businessinsider.com/how-to-avoid-cyberattacks-working-from-home-covid-19-2020-3?r=US&IR=T

A coronavirus-tracking app locked users’ phones and demanded $100 (16 mar) https://www.cyberscoop.com/coronavirus-app-locked-phones/

The Internet is drowning in COVID-19-related malware and phishing scams (16 mar) https://arstechnica.com/information-technology/2020/03/the-internet-is-drowning-in-covid-19-related-malware-and-phishing-scams/

Nation-Backed Hackers Spread Crimson RAT via Coronavirus Phishing (17 mar) https://www.bleepingcomputer.com/news/security/nation-backed-hackers-spread-crimson-rat-via-coronavirus-phishing/

Internet klarar trycket under coronakrisen – hittills (18 mar) https://www.dn.se/nyheter/sverige/internet-klarar-trycket-under-coronakrisen-hittills/

Coronavirus now possibly largest-ever cyber security threat (18 mar) https://www.computerweekly.com/news/252480238/Coronavirus-now-possibly-largest-ever-cyber-security-threat

6 ways attackers are exploiting the COVID-19 crisis (19 mar) https://www.csoonline.com/article/3532825/6-ways-attackers-are-exploiting-the-covid-19-crisis.html

Some cybercriminals consider laying off health care targets amid COVID-19 crisis (19 mar) https://www.scmagazine.com/home/security-news/news-archive/coronavirus/some-cybercriminals-consider-laying-off-health-care-targets-amid-covid-19-crisis/

COVID-19-Themed Malware Goes Mobile (19 mar) https://www.bankinfosecurity.com/covid-19-themed-malware-goes-mobile-a-13981

Dark Web: Hackers launch Coronavirus sale to sell hacking tools (19 mar) https://www.hackread.com/hackers-launch-coronavirus-sale-sell-hacking-tools/ ..
https://www.securityuser.com/se/Nyheter/Samhalle/cyberkriminella-har-corona-rea-pa-darknet

Living and Working Amid COVID-19 Crisis (19 mar) https://www.govinfosecurity.com/interviews/living-working-amid-covid-19-crisis-i-4621

Öppet mål för hackare när allt fler jobbar hemifrån (20 mar) https://sverigesradio.se/sida/artikel.aspx?programid=105&artikel=7432736

Informationssäkerhet och blandat

88% of IT pros say world is in permanent state of cyberwar (16 mar) https://www.techrepublic.com/article/88-of-it-pros-say-world-is-in-permanent-state-of-cyberwar/#ftag=RSS56d97e7

Why your organization needs to be ready for the Snake ransomware (17 mar) https://www.techradar.com/news/why-your-organization-needs-to-be-ready-for-the-snake-ransomware

Trelleborg anmäler personuppgiftsläcka (19 mar) https://www.dagenssamhalle.se/nyhet/trelleborg-anmaler-personuppgiftslacka-31956

The Changing DDoS Landscape (19 mar) https://www.bankinfosecurity.com/changing-ddos-landscape-a-13976

ENISA looking for talented cybersecurity professionals (20 mar) https://www.helpnetsecurity.com/2020/03/20/enisa-recruitment/

CERT-SE i veckan

Flera kritiska sårbarheter i Trend Micro-produkter exploateras aktivt (17 mar) Säkerhet och infrastruktur vid arbete hemifrån (17 mar)