CERT-SE:s veckobrev v.19
Veckan som gått är i mångt och mycket en normal vecka enligt CERT-SE:s uppfattning gällande it-händelser. Det som är långt ifrån normalt är - som vi alla vet - den pågående pandemin. Här kommer ändå i vanlig ordning en samling av veckans nyheter. Trevlig helg!
Nyheter i veckan
Podcast: Trust me, I’m certified -Mentorship and Mastering Your Fears with Phillip Wylie (1 maj) https://www.giac.org/podcasts/mentorship-and-mastering-your-fears-with-phillip-wylie?
Trump issues executive order to protect power grid from attack (1 maj) https://thehill.com/policy/cybersecurity/495711-trump-issues-executive-order-to-protect-us-power-grid-from-attack
LockBit ransomware self-spreads to quickly encrypt 225 systems (4 maj) https://www.bleepingcomputer.com/news/security/lockbit-ransomware-self-spreads-to-quickly-encrypt-225-systems/
New Kaiji malware targets IoT devices via SSH brute-force attacks (5 maj) https://www.zdnet.com/article/new-kaiji-malware-targets-iot-devices-via-ssh-brute-force-attacks/
SAP notifying 9% of customers about security bugs in some cloud products (5 maj) https://www.zdnet.com/article/sap-notifying-9-of-customers-about-security-bugs-in-some-cloud-products/
Warning: Citrix ShareFile Flaw Could Let Attackers Steal Corporate Secrets (5 maj) https://thehackernews.com/2020/05/citrix-sharefile-vulnerability.html
Digital Fraudsters Masquerading as FINRA in Phishing Emails (5 maj) https://www.tripwire.com/state-of-security/security-data-protection/digital-fraudsters-masquerading-as-finra-in-phishing-emails/
Cyberattack on NTPC Further Exposes the Cybersecurity Risks of Energy Sector (6 maj) https://cyware.com/news/cyberattack-on-ntpc-further-exposes-the-cybersecurity-risks-of-energy-sector-6896de5e
Europe’s Largest Private Hospital Operator Fresenius Hit by Ransomware (6 maj) https://krebsonsecurity.com/2020/05/europes-largest-private-hospital-operator-fresenius-hit-by-ransomware/
Cisco Webex phishing uses fake cert errors to steal credentials (6 maj) https://www.bleepingcomputer.com/news/security/cisco-webex-phishing-uses-fake-cert-errors-to-steal-credentials/
Hacker buys old Tesla parts on eBay, finds them full of user data (6 maj) https://arstechnica.com/cars/2020/05/hacker-mines-passwords-locations-and-more-from-retired-tesla-infotainment-gear/
Microsoft’s GitHub account allegedly hacked, 500GB stolen (6 maj) https://www.bleepingcomputer.com/news/security/microsofts-github-account-allegedly-hacked-500gb-stolen/
Äntligen på svenska – Cyber Threat Intelligence (7 maj) https://www.cstromblad.com/2020/05/antligen-pa-svenska-cyber-threat-intelligence/
Over 300 websites taken down in just two weeks as UK public report suspicious emails (7 maj) https://www.grahamcluley.com/over-300-websites-taken-down-in-just-two-weeks-as-uk-public-report-suspicious-emails/
Bank-id utsatt för attack: ”Svårt att veta vem som är angriparen” (7 maj) https://www.dn.se/ekonomi/bank-id-utsatt-for-attack-svart-att-veta-vem-som-ar-angriparen/
Ransomware Slams Healthcare, Logistics, Energy Firms (7 maj) https://www.bankinfosecurity.com/ransomware-slams-healthcare-logistics-energy-firms-a-14243
Corona-relaterat
COVID-19 cyberthreats https://www.interpol.int/Crimes/Cybercrime/COVID-19-cyberthreats
Maze Ransomware Targets the Hospitals and Labs Fighting Coronavirus (5 maj) https://www.tripwire.com/state-of-security/healthcare/maze-ransomware-targets-hospitals-labs-fighting-coronavirus/
Informationssäkerhet och blandat
GoDaddy notifies users of breached hosting accounts (4 maj) https://www.bleepingcomputer.com/news/security/godaddy-notifies-users-of-breached-hosting-accounts/
Standardernas roll ökar inom informationssäkerhet (5 maj) https://www.sis.se/nyheter-och-press/nyheter/standardernas-roll-okar-inom-informationssakerhet/
European Authorities Ban Dirty Cookie Practices in GDPR Update (6 maj)
https://gizmodo.com/european-authorities-ban-dirty-cookie-practices-in-gdpr-1843290010
..
Guidelines: https://edpb.europa.eu/sites/edpb/files/files/file1/edpb_guidelines_202005_consent_en.pdf
Kommunernas it-säkerhet prövas i coronatider (6 maj) https://sverigesradio.se/artikel/7462799
Krisberedskapsveckan 2020 lyfter människan som resurs vid en samhällskris (7 maj) https://www.msb.se/sv/aktuellt/nyheter/2020/maj/krisberedskapsveckan-2020-blir-delvis-digital/
CERT-SE i veckan
Tolv allvarliga sårbarheter i Cisco-produkter