CERT-SE's weekly newsletter, week 30

Weekly newsletter

A largely quiet week, but several municipalities and regions have been troubled by IT disruptions. Either way, CERT-SE's weekly newsletter is full of interesting reading. Have a nice weekend!

News this week

Mitre, the creepy company checking your fingerprints on Facebook for the US Government (20 jul) https://www.grahamcluley.com/mitre-the-creepy-company-checking-your-fingerprints-on-facebook-for-the-us-government/

Chinese APT group targets India and Hong Kong using new variant of MgBot malware (21 jul) https://blog.malwarebytes.com/threat-analysis/2020/07/chinese-apt-group-targets-india-and-hong-kong-using-new-variant-of-mgbot-malware/

How BeerAdvocate Learned They’d Been Pwned (21 jul) https://www.troyhunt.com/how-beeradvocate-learned-theyd-been-pwned/

Hallsberg hit by cyberattack: “Spreading quickly” (21 jul) https://sverigesradio.se/artikel/7518631

New ‘Meow’ attack has wiped over 1,800 unsecured databases (22 jul) https://www.bleepingcomputer.com/news/security/new-meow-attack-has-wiped-dozens-of-unsecured-databases/

A Security Breach Exposed More Than One Million DNA Profiles On A Major Genealogy Database (22 jul) https://www.buzzfeednews.com/article/peteraldhous/hackers-gedmatch-dna-privacy

Premier League transfer deal targeted by hackers, says cybersecurity report (23 jul) https://www.skysports.com/transfer/news/11661/12034075/premier-league-transfer-deal-targeted-by-hackers-says-cybersecurity-report

UK govt warns of ransomware, BEC attacks against sports sector (23 jul) https://www.bleepingcomputer.com/news/security/uk-govt-warns-of-ransomware-bec-attacks-against-sports-sector/

Garmin services and production go down after ransomware attack (23 jul) https://www.zdnet.com/article/garmin-services-and-production-go-down-after-ransomware-attack/

Misconfigured S3 exposes Twilio users to Magecart attack (23 jul) https://www.scmagazine.com/home/security-news/misconfigured-s3-exposes-twilio-users-to-magecart-attack/

Twitter hackers accessed direct messages for 36 accounts (23 jul) https://www.scmagazine.com/home/security-news/twitter-hackers-accessed-direct-messages-for-36-accounts/

Hudiksvall municipality's network problems resolved (23 jul) https://sverigesradio.se/sida/artikel.aspx?programid=99&artikel=7520150

IT disruptions at Södertälje Hospital during the night (23 jul) https://www.svt.se/nyheter/lokalt/sodertalje/stopp-pa-flera-hall-i-sodertalje-sjukhus-under-natten

Swedish company among the victims in US indictment of Chinese hackers (24 jul) https://www.svt.se/nyheter/utrikes/svenskt-foretag-bland-offren-i-usa-atal-mot-kinesiska-hackare

NSA and CISA Recommend Immediate Actions to Reduce Exposure Across Operational Technologies and Control Systems (23 jul) https://us-cert.cisa.gov/ncas/alerts/aa20-205a

27% of consumers hit with pandemic-themed phishing scams (24 jul) https://www.helpnetsecurity.com/2020/07/24/pandemic-themed-phishing-scams/

Exclusive: More than 1,000 people at Twitter had ability to aid hack of accounts (24 jul) https://www.reuters.com/article/us-twitter-cyber-access-exclusive/exclusive-more-than-1000-people-at-twitter-had-ability-to-aid-hack-of-accounts-idUSKCN24O34E

Region Uppsala in staff alert mode (stabsläge) – IT systems experiencing disruptions (24 jul) https://www.svt.se/nyheter/lokalt/uppsala/akademiska-i-stabslaget-it-systemet-har-storningar

IT problems at Region Blekinge (24 jul) https://sverigesradio.se/artikel/7520659

Information security and miscellaneous

GPT-3 Is Amazing—And Overhyped (19 jul) https://www.forbes.com/sites/robtoews/2020/07/19/gpt-3-is-amazingand-overhyped/

What is GPT-3? (21 jul) https://tinkeredthinking.com/index.php?id=841

OpenAI API (21 jul) https://openai.com/blog/openai-api/

Security Onion 2.0 Release Candidate 1 (RC1) Available for Testing! (21 jul) https://blog.securityonion.net/2020/07/security-onion-20-release-candidate-1.html

First Ever Image of a Multi-Planet System around a Sun-like Star Captured by ESO Telescope (22 jul) https://www.eso.org/public/news/eso2011/?lang

Phishing attacks hidden in Google Cloud (22 jul) https://www.aktuellsakerhet.se/natfiskeattacker-goms-i-google-cloud/

Medical record notes leaked on social media – Region Dalarna now files a police report (23 jul) https://www.svt.se/nyheter/lokalt/dalarna/journalanteckningar-lacktes-ut-i-sociala-medier-nu-polisanmaler-region-dalarna

Tor 0day: Stopping Tor Connections (23 jul) https://www.hackerfactor.com/blog/index.php?/archives/888-Tor-0day-Stopping-Tor-Connections.html

Good Logging (23 jul) https://henrikwarne.com/2020/07/23/good-logging/

Lund wants to break the Swedish record in camera surveillance (24 jul) https://www.sydsvenskan.se/2020-07-24/lund-vill-sla-svenskt-rekord-i-kamerabevakning

Report: Worm War: The Botnet Battle for IoT Territory https://documents.trendmicro.com/assets/white_papers/wp-worm-war-the-botnet-battle-for-iot-territory.pdf

Pentesting User Interfaces: How to Phish Any Chrome, Outlook, or Thunderbird User https://www.virtuesecurity.com/pentesting-user-interfaces/

Check your website! https://webbkoll.dataskydd.net/sv/

CERT-SE this week

Serious vulnerability in Cisco's web interface services is being actively exploited