CERT-SE:s veckobrev v.29
Den här veckan är det tio år sedan Stuxnet upptäcktes, en attack som fortsätter att påverka de cyberhot vi ser även idag. Den här veckan har nästan all vår bevakning fokuserat på säkerhetsuppdateringar från olika håll, nedan följer en sammanställning över annat av intresse som hänt i veckan.
Trevlig helg önskar CERT-SE!
Nyheter i veckan
Cybercrime Research: For the Greater Good, or Marketing? (10 jul) https://www.bankinfosecurity.com/blogs/cybercrime-research-for-greater-good-or-marketing-p-2914
Conti ransomware encrypts files quicker, targets SMB network shares (10 jul) https://www.scmagazine.com/home/security-news/ransomware/conti-ransomware-encrypts-files-quicker-targets-smb-network-shares/
Fake Zoom notifications used to steal Office 365 credentials (11 jul) https://www.scmagazineuk.com/fake-zoom-notifications-used-steal-office-365-credentials/article/1689152
VPNs: What Do They Do, and What Don’t They Do? (12 jul) https://www.tripwire.com/state-of-security/featured/vpns-what-do-they-do-what-they-dont-do/
Security alerts more than doubled in the last 5 years, SecOps teams admit they can’t get to them all (13 jul) https://www.helpnetsecurity.com/2020/07/13/volume-of-security-alerts/
Backdoors Identified in Tens of C-Data Fiber Broadband Devices (13 jul) https://www.securityweek.com/backdoors-identified-tens-c-data-fiber-broadband-devices
Hacker breaches security firm in act of revenge (13 jul) https://www.zdnet.com/article/hacker-breaches-security-firm-in-act-of-revenge/
You’ve only added two lines - why did that take two days! (13 jul) https://www.mrlacey.com/2020/07/youve-only-added-two-lines-why-did-that.html
Python Malware On The Rise (13 jul) https://www.cyborgsecurity.com/python-malware-on-the-rise/
Turla / Venomous Bear updates its arsenal: “NewPass” appears on the APT threat scene (14 jul) https://www.telsy.com/turla-venomous-bear-updates-its-arsenal-newpass-appears-on-the-apt-threat-scene/
Citrix denies dark web claim of network compromise and ransomware attack (15 jul) https://www.theregister.com/2020/07/15/citrix_denies_new_network_compromise/
Everything You Need to Know About OAuth (2.0) (15 jul) https://gravitational.com/blog/everything-you-need-to-know-about-oauth/
Tio år sedan Stuxnet upptäcktes (15 jul) https://techworld.idg.se/2.2524/1.737277/tio-ar-sedan-stuxnet-upptacktes
A victory for us all: European Court of Justice makes landmark ruling to invalidate the Privacy Shield (16 jul) https://edri.org/a-victory-for-us-all-european-court-of-justice-makes-landmark-ruling-to-invalidate-the-privacy-shield/
Microsoft Warns of Application-based Phishing (16 jul) https://blog.knowbe4.com/microsoft-warns-of-application-based-phishing
EU court overturns US data transfer agreement in Facebook privacy case (16 jul) https://www.dw.com/en/eu-us-data-transfer-facebook/a-54194377
New Android BlackRock malware targets hundreds of apps (17 jul) https://securityaffairs.co/wordpress/106008/malware/android-blackrock-malware.html
Informationssäkerhet och blandat
Tony Blair tells Russian infosec conference that cross-border infosec policies need more gov intervention (10 jul) https://www.theregister.com/2020/07/10/tony_blair_speech_cyber_polygon_conference/
Indonesia beefs up cyber security after data breaches (12 jul) http://www.straitstimes.com/asia/se-asia/indonesia-beefs-up-cyber-security-after-data-breaches
Cyberwarfare: The changing role of force (13 jul) https://www.helpnetsecurity.com/2020/07/13/cyber-conflict/
A hacker is selling details of 142 million MGM hotel guests on the dark web (14 jul) https://www.zdnet.com/article/a-hacker-is-selling-details-of-142-million-mgm-hotel-guests-on-the-dark-web/
Data breaches decline 33% in the first half of 2020 (14 jul) https://www.techrepublic.com/article/data-breaches-decline-33-in-the-first-half-of-2020/
The Day I Trolled The Entire Internet: An Accidental Research Project on CVE-2020-1350 (15 jul) https://blog.zsec.uk/cve-2020-1350-research/
Ransomware accounts for a third of all cyberattacks against organizations (15 jul) https://www.techrepublic.com/article/ransomware-accounts-for-a-third-of-all-cyberattacks-against-organizations/
F-Secure varnar för förfalskade Cisco-switchar (16 jul) https://techworld.idg.se/2.2524/1.737329/f-secure-varnar-for-forfalskade-natverksswitchar
Who’s Behind Wednesday’s Epic Twitter Hack? (16 jul)
https://krebsonsecurity.com/2020/07/whos-behind-wednesdays-epic-twitter-hack/
..
https://techcrunch.com/2020/07/15/twitter-hacker-admin-scam/
–
https://www.bleepingcomputer.com/news/security/apple-kanye-gates-bezos-more-hacked-in-twitter-account-crypto-scam/
Ryska hackare anklagas för att försöka stjäla vaccinforskning (16 jul)
https://www.dn.se/nyheter/varlden/ryska-hackare-anklagas-for-att-forsoka-stjala-vaccinforskning/
..
https://www.gov.uk/government/news/uk-condemns-russian-intelligence-services-over-vaccine-cyber-attacks
..
https://www.ncsc.gov.uk/news/uk-and-allies-expose-russian-attacks-on-coronavirus-vaccine-development
..
https://malpedia.caad.fkie.fraunhofer.de/actor/apt_29
Cybersecurity concerns front and center as online voting expected to shape future elections (17 jul) https://www.helpnetsecurity.com/2020/07/17/cybersecurity-concerns-online-voting/
CERT-SE i veckan
Sårbarheter i Cisco PLM Software
Allvarliga sårbarheter i Adobes månatliga uppdatering för juli 2020
Fler sårbarheter från Microsofts patch-tisdag (juli 2020)
BM20-002 - Mycket kritisk sårbarhet i Microsoft Windows DNS Server
Kritisk sårbarhet i Microsofts säkerhetsuppdatering för juli 2020
Uppdatering angående felaktigt utskick
Mycket kritisk sårbarhet i SAP NetWeaver (uppdaterad 2020-07-16)