CERT-SE:s veckobrev v.20

Veckobrev

Blandade nyheter, fortsatt visst Corona-tema. Vi uppmärksammar även att det i dagarna var tre år sedan Wannacry: https://en.wikipedia.org/wiki/WannaCry_ransomware_attack

Nyheter i veckan

One malicious MMS is all it takes to pwn a Samsung smartphone: Bug squashed amid Android patch batch (8 maj) https://www.theregister.co.uk/2020/05/08/samsung_android_patches/

APT Group Wages 5-Year Cyber-Espionage Campaign: Report (8 maj) https://www.databreachtoday.eu/apt-group-wages-5-year-cyber-espionage-campaign-report-a-14252

Ligan avslöjad - efter attacken mot Sverige (8 maj) https://www.expressen.se/sport/fotboll/ligan-avslojad-efter-attacken-mot-sverige/

Pi-hole v5.0 is here! (10 maj) https://pi-hole.net/2020/05/10/pi-hole-v5-0-is-here/

Störningar i Bank-ID under söndagen (10 maj) https://sverigesradio.se/sida/artikel.aspx?programid=98&artikel=7470184

Thunderbolt Flaws Expose Millions of PCs to Hands-On Hacking (10 maj) https://www.databreachtoday.eu/apt-group-wages-5-year-cyber-espionage-campaign-report-a-14252

Nätägaren efter cyberattacken: Inte riktat mot oss (11 maj) https://sverigesradio.se/sida/artikel.aspx?programid=109&artikel=7471005

Misstänks ha sökt på släktingar i polisens register - åtalas (12 maj) https://sverigesradio.se/sida/artikel.aspx?programid=101&artikel=7471714

Top 10 Routinely Exploited Vulnerabilities (12 maj) https://www.us-cert.gov/ncas/alerts/aa20-133a

There’s Norway you’re going to believe this: Government investment fund conned out of $10m in cyber-attack (14 maj) https://www.theregister.co.uk/2020/05/14/norway_investment_fund_hack/

UK electricity middleman hit by cyber-attack (14 maj) https://www.zdnet.com/article/uk-electricity-middleman-hit-by-cyber-attack/ ..
Lights stay on despite cyber-attack on UK’s electricity system (14 maj) https://www.theguardian.com/business/2020/may/14/lights-stay-on-despite-cyber-attack-on-uks-electricity-system

Reverse RDP – The Path Not Taken (14 maj) https://research.checkpoint.com/2020/reverse-rdp-the-path-not-taken/

Corona-relaterat

Investigate | COVID-19 Cybercrime Daily Update https://www.riskiq.com/blog/analyst/covid19-cybercrime-update/

4 tips for protecting users from COVID-19-targeted attacks (9 maj) https://www.sesin.at/2020/05/09/4-tips-for-protecting-users-from-covid-19-targeted-attacks/

Coronavirus cyber-attacks update: beware of the phish (12 maj) https://blog.checkpoint.com/2020/05/12/coronavirus-cyber-attacks-update-beware-of-the-phish/

Informationssäkerhet och blandat

5 CISO Priorities During the COVID-19 Response (7 maj) https://www.sesin.at/2020/05/07/5-ciso-priorities-during-the-covid-19-response/

NCF-møte sabotert av overgrepsvideo (8 maj) https://www.procycling.no/ncf-mote-sabotert-av-barneporno/ ..
Förbundets möte kapat – visade övergrepp mot barn (8 maj) https://www.aftonbladet.se/sportbladet/a/8mMzJ2/forbundets-mote-kapat–visade-overgrepp-mot-barn

The Confessions of Marcus Hutchins, the Hacker Who Saved the Internet (12 maj) https://www.wired.com/story/confessions-marcus-hutchins-hacker-who-saved-the-internet/

Law firm hackers double ransom demand, threaten Donald Trump (14 maj) https://pagesix.com/2020/05/14/la-law-firm-hackers-double-ransom-demand-threaten-donald-trump/

Password administration for system owners https://www.ncsc.gov.uk/collection/passwords ..
Spray you, spray me: defending against password spraying attacks https://www.ncsc.gov.uk/blog-post/spray-you-spray-me-defending-against-password-spraying-attacks

CERT-SE i veckan

De 10 mest exploaterade sårbarheterna

Microsofts och Adobes månatliga säkerhetsuppdateringar för maj 2020