CERT-SE's weekly newsletter, week 31

Weekly newsletter

Citizens, some walk in worn-out shoes until they have stopped walking. Patch and mend your GRUB2 in time and all will be well. Have a nice weekend!

News this week

New ‘Shadow Attack’ can replace content in digitally signed PDF files (23 Jul) https://www.zdnet.com/article/new-shadow-attack-can-replace-content-in-digitally-signed-pdf-files/

FBI warns US companies about backdoors in Chinese tax software (24 Jul) https://www.zdnet.com/article/fbi-warns-us-companies-about-backdoors-in-chinese-tax-software/

A vigilante is sabotaging the Emotet botnet by replacing malware payloads with GIFs (24 Jul) https://www.zdnet.com/article/a-vigilante-is-sabotaging-the-emotet-botnet-by-replacing-malware-payloads-with-gifs/

Attackers have created a specialized economy around email account takeover (27 Jul) https://www.helpnetsecurity.com/2020/07/27/attackers-have-created-a-specialized-economy-around-email-account-takeover/

Source code from dozens of companies leaked online (27 Jul) https://www.bleepingcomputer.com/news/security/source-code-from-dozens-of-companies-leaked-online/

FBI warns of new DDoS attack vectors: CoAP, WS-DD, ARMS, and Jenkins (27 Jul) https://www.zdnet.com/article/fbi-warns-of-new-ddos-attack-vectors-coap-ws-dd-arms-and-jenkins/

Undetectable Linux Malware Targeting Docker Servers With Exposed APIs (28 Jul) https://thehackernews.com/2020/07/docker-linux-malware.html

Watch Your Containers: Doki Infecting Docker Servers in the Cloud (28 Jul) https://www.intezer.com/container-security/watch-your-containers-doki-infecting-docker-servers-in-the-cloud/

Hacker leaks 386 million user records from 18 companies for free (28 Jul) https://www.bleepingcomputer.com/news/security/hacker-leaks-386-million-user-records-from-18-companies-for-free/amp/

There’s a Hole in the Boot (29 Jul) https://eclypsium.com/2020/07/29/theres-a-hole-in-the-boot/

FBI warns of Netwalker ransomware targeting US government and orgs (29 Jul) https://www.bleepingcomputer.com/news/security/fbi-warns-of-netwalker-ransomware-targeting-us-government-and-orgs/

Root Cause Analyses for 0-day In-the-Wild Exploits (29 Jul) https://googleprojectzero.blogspot.com/2020/07/root-cause-analyses-for-0-day-in-wild.html

Zoom Bug Allowed Snoopers Crack Private Meeting Passwords in Minutes (30 Jul) https://thehackernews.com/2020/07/zoom-meeting-password-hacking.html

Hackers broke into real news sites to plant fake stories (30 Jul) https://arstechnica.com/information-technology/2020/07/hackers-broke-into-real-news-sites-to-plant-fake-stories/

EU imposes the first ever sanctions against cyber-attacks (30 Jul) https://www.consilium.europa.eu/en/press/press-releases/2020/07/30/eu-imposes-the-first-ever-sanctions-against-cyber-attacks/

Twitter hackers used “phone spear phishing” in mass account takeover (31 Jul) https://arstechnica.com/information-technology/2020/07/twitter-hackers-used-phone-spear-phishing-in-mass-account-takeover/

Information security and miscellaneous

Säpo reviews Swedish 5G build-out – operators risk being rejected (25 Jul) https://www.dn.se/nyheter/sapo-granskar-svenskt-5g-bygge-operatorer-riskerar-underkannas/

Massive Nintendo leak reveals early Mario, Zelda, and Pokémon secrets (26 Jul) https://www.polygon.com/2020/7/26/21339018/nintendo-gigaleak-super-mario-64-zelda-pokemon-what-is-it-snes

When Unix learned to reboot (27 Jul) https://bsdimp.blogspot.com/2020/07/when-unix-learned-to-reboot2.html

The Cold War Bunker That Became Home to a Dark-Web Empire (27 Jul) https://www.newyorker.com/magazine/2020/08/03/the-cold-war-bunker-that-became-home-to-a-dark-web-empire

Faraday Tour (29 Jul) https://xkcd.com/2338/

Editorial: Sofia Nerbrand: Sweden must arm itself for the information war (29 Jul) https://www.dn.se/ledare/sofia-nerbrand-sverige-maste-rusta-sig-for-informationskriget/

Data breaches are becoming ever more expensive for companies, new report shows (29 Jul) https://techworld.idg.se/2.2524/1.737722/datalackor-blir-allt-dyrare-for-foretagen-visar-ny-rapport
Report: https://www.ibm.com/security/digital-assets/cost-data-breach-report/Cost%20of%20a%20Data%20Breach%20Report%202020.pdf

A thousand new cameras to watch over SL areas (30 Jul) https://www.svd.se/tusen-nya-kameror-ska-spana-over-sl-omraden

Debate: “EU ruling could isolate the internet in Europe” (30 Jul) https://www.svd.se/eu-dom-kan-isolera-internet-i-europa

1,050 data breaches reported to Australian commissioner in 12 months (31 Jul) https://www.zdnet.com/article/1050-data-breaches-reported-to-australian-commissioner-in-12-months/

EU tries to get serious on cybercrime with first sanctions against Wannacry, NotPetya, CloudHopper crews (31 Jul) https://www.theregister.com/2020/07/31/eu_sanctions_hackers/
https://eur-lex.europa.eu/legal-content/EN/TXT/HTML/?uri=CELEX:32020D1127&from=EN

CERT-SE this week

GRUB2 vulnerable on Windows and Linux devices with Secure Boot

Critical vulnerabilities in Cisco products