Publicerad: 2020-04-24 15:10

CERT-SE:s veckobrev v.17

Fortsatt mycket fokus kring Covid-19. Under veckan har det även rapporterats om indikationer om att banktrojanen Emotet uppdaterats, med syfte att försvåra detektion.

Nyheter i veckan

IT services giant Cognizant suffers Maze Ransomware cyber attack (18 apr) https://www.bleepingcomputer.com/news/security/it-services-giant-cognizant-suffers-maze-ransomware-cyber-attack/

Emotet Activity Indicates Return (20 apr) https://www.binarydefense.com/threat_watch/emotet-activity-indicates-return/ ..
Emotet banking trojan possibly being prepped for a new attack (23 apr) https://www.scmagazine.com/home/security-news/phishing/emotet-banking-trojan-possibly-being-prepped-for-a-new-attack/

MITRE Releases Results of Evaluations of 21 Cybersecurity Products (21 apr) https://www.mitre.org/news/press-releases/mitre-releases-results-of-evaluations-of-21-cybersecurity-products

Multiple vulnerabilities discovered in smart home devices (22 apr) https://www.helpnetsecurity.com/2020/04/22/vulnerabilities-smart-home/?web_view=true

Detect & Prevent Cyber Attackers from Exploiting Web Servers via Web Shell Malware (22 apr) https://www.nsa.gov/News-Features/News-Stories/Article-View/Article/2159419/detect-prevent-cyber-attackers-from-exploiting-web-servers-via-web-shell-malware/

Zoom Hits Milestone on 90-Day Security Plan, Releases Zoom 5.0 (22 apr) https://blog.zoom.us/wordpress/2020/04/22/zoom-hits-milestone-on-90-day-security-plan-releases-zoom-5-0/

ESET takes down VictoryGate cryptomining botnet (23 apr) https://www.zdnet.com/article/eset-takes-down-victorygate-cryptomining-botnet/

A look at the ATM/PoS malware landscape from 2017-2019 (23 apr) https://securelist.com/atm-pos-malware-landscape-2017-2019/96750/

Web shell malware continues to evade many security tools (23 apr) https://www.helpnetsecurity.com/2020/04/23/web-shell-malware/

Detect and prevent web shell malware (23 apr) https://www.cyber.gov.au/advice/detect-and-prevent-web-shell-malware

Corona-relaterat

Viral marketing - Counterfeits, substandard goods and intellectual property crime in the COVID-19 pandemic (17 apr) https://www.europol.europa.eu/publications-documents/viral-marketing-counterfeits-substandard-goods-and-intellectual-property-crime-in-covid-19-pandemic

Säpos varning till vården: Främmande makt utnyttjar coronakrisen (19 apr) https://www.aftonbladet.se/nyheter/a/GGLLAJ/sapos-varning-till-varden-frammande-makt-utnyttjar-coronakrisen

Remote Video Conferencing Themes in Credential Theft and Malware Threats (19 apr) https://www.proofpoint.com/us/threat-insight/post/remote-video-conferencing-themes-credential-theft-and-malware-threats

Now More Than Ever You Need to Cover Phone And Laptop Cameras, Says Security Expert (19 apr) https://www.sciencealert.com/you-need-to-cover-phone-and-laptop-cameras-now-more-than-ever-says-security-expert

COVID-19 Phishing Emails Mainly Contain TrickBot: Microsoft (20 apr) https://www.bankinfosecurity.com/covid-19-phishing-emails-mainly-contain-trickbot-microsoft-a-14149

Threat update: COVID-19 malicious cyber activity (20 apr) https://www.cyber.gov.au/threats/threat-update-covid-19-malicious-cyber-activity-20-apr-2020

Online Extortion Scams Increasing During The Covid-19 Crisis (20 apr) https://www.ic3.gov/media/2020/200420.aspx

Cyberattacks in the healthcare sector during the first three months of the Covid-19 pandemic (20 apr) https://www.foi.se/rapportsammanfattning?reportNo=FOI%20Memo%207062

2,000 coronavirus scammers taken offline in major phishing crackdown (21 apr) https://www.zdnet.com/article/2000-coronavirus-scammers-taken-offline-in-major-phishing-crackdown/

Studying How Cybercriminals Prey on the COVID-19 Pandemic (22 apr) https://unit42.paloaltonetworks.com/how-cybercriminals-prey-on-the-covid-19-pandemic/

Informationssäkerhet och blandat

46% of SMBs have been targeted by ransomware, 73% have paid the ransom (21 apr) https://www.helpnetsecurity.com/2020/04/21/paying-ransom/

Zoom-Bombing Attack Targets U.S. Government Meeting (21 apr) https://hotforsecurity.bitdefender.com/blog/zoom-bombing-attack-targets-u-s-government-meeting-23030.html

Choosing the right video conferencing tool for the job (23 apr) https://freedom.press/training/blog/videoconferencing-tools/

Kvinna på socialtjänsten kollade upp nya pojkvännens dotter - åtalas för dataintrång (23 apr) https://www.sydsvenskan.se/2020-04-23/kvinna-pa-socialtjansten-kollade-upp-nya-pojkvannens-dotter

CERT-SE i veckan

Sårbarhet i iOS Mail

Kritiska sårbarheter i IBM-produkter

Kontakta oss - dygnet runt

CERT-SE är tillgängliga dygnet runt alla dagar på året för att kunna agera och inom vårt uppdrag hjälpa verksamheter som har drabbats av it-säkerhetsincidenter.

telefon

010-240 40 40

e-post

cert@cert.se

Fler nyheter

2024-04-18 16:25

Oracles kvartalsvisa säkerhetsuppdatering för april 2024

Oracle har publicerat sina kvartalsvisa säkerhetsuppdateringar för april. Säkerhetsuppdateringarna berör ett stort antal produkter. Totalt publiceras...

Sårbarhet Oracle
2024-04-18 15:16

Allvarlig sårbarhet i Cisco IMC

En sårbarhet i CLI (command line interface) i Cisco IMC möjliggör för en autentiserad användare att...

Sårbarhet Cisco
2024-04-18 14:00 Uppdaterad Blixtmeddelande

BM24-002 Kritisk sårbarhet i PAN-OS

Palo Alto varnar om en kritisk sårbarhet i PAN-OS. Sårbarheten har fått maximal CVSS-klassning, 10 av...

Blixtmeddelande PAN-OS Palo Alto
2024-04-17 14:15

Kritiska sårbarheter i Ivanti Avalance

Ivanti har rättat flera sårbarheter i Avalanche, varav två bedöms som kritiska. De kan kan orsaka...

Sårbarhet Ivanti Avalanche
2024-04-16 09:15

Kritisk sårbarhet i PuTTY

En sårbarhet har rättats i PuTTY som gör det möjligt för en angripare att under vissa...

Sårbarhet PuTTY

Nyheter