CERT-SE's weekly newsletter, week 33

Weekly newsletter

Another lovely summer week is drawing to a close. Here is a selection from CERT-SE's monitoring of open sources. Have a nice weekend!

News this week

Intel, ARM, IBM, AMD Processors Vulnerable to New Side-Channel Attacks (6 Aug) https://thehackernews.com/2020/08/foreshadow-processor-vulnerability.html

Over 400 vulnerabilities on Qualcomm’s Snapdragon chip threaten mobile phones’ usability worldwide (6 Aug) https://blog.checkpoint.com/2020/08/06/achilles-small-chip-big-peril/

TeamViewer fixes bug that lets attackers access your PC (7 Aug) https://www.bleepingcomputer.com/news/security/teamviewer-fixes-bug-that-lets-attackers-access-your-pc/

FBI: Iranian hackers trying to exploit critical F5 BIG-IP flaw (8 Aug) https://www.bleepingcomputer.com/news/security/fbi-iranian-hackers-trying-to-exploit-critical-f5-big-ip-flaw/

How Malicious Tor Relays are Exploiting Users in 2020 (Part I) (9 Aug) https://medium.com/@nusenu/how-malicious-tor-relays-are-exploiting-users-in-2020-part-i-1097575c0cac

Hacking Zoom: Uncovering Tales of Security Vulnerabilities in Zoom (9 Aug) https://mazinahmed.net/blog/hacking-zoom/

Ransomware Reportedly Hits Ventilator Maker (10 Aug) https://www.govinfosecurity.com/ransomware-reportedly-hits-ventilator-maker-a-14801

SBA phishing scams: from malware to advanced social engineering (10 Aug) https://blog.malwarebytes.com/scams/2020/08/sba-phishing-scams-from-malware-to-advanced-social-engineering/

Avaddon ransomware launches data leak site to extort victims (10 Aug) https://www.bleepingcomputer.com/news/security/avaddon-ransomware-launches-data-leak-site-to-extort-victims/

File handling in Unix: tips, traps and outright badness (11 Aug) https://rachelbythebay.com/w/2020/08/11/files/

Internet Explorer and Windows zero-day exploits used in Operation PowerFall (12 Aug) https://securelist.com/ie-and-windows-zero-day-operation-powerfall/97976/

City of Lafayette (Colorado) paid $45,000 ransom after ransowmare attack (12 Aug) https://securityaffairs.co/wordpress/107023/malware/city-of-lafayette-ransowmare.html

Maze Reportedly Posts Exfiltrated Canon USA Data (12 Aug) https://www.govinfosecurity.com/maze-reportedly-posts-exfiltrated-canon-usa-data-a-14813

Stopping phishing campaigns with bash (13 Aug) https://blog.haschek.at/2020/stopping-phishing-campaigns-with-bash.html

RedCurl cybercrime group has hacked companies for three years (13 Aug) https://www.zdnet.com/article/redcurl-cybercrime-group-has-hacked-companies-for-three-years/

An Alexa Bug Could Have Exposed Your Voice History to Hackers (13 Aug) https://www.wired.com/story/amazon-alexa-bug-exposed-voice-history-hackers/

On Drovorub: Linux Kernel Security Best Practices (13 Aug) https://www.mcafee.com/blogs/other-blogs/mcafee-labs/on-drovorub-linux-kernel-security-best-practices/

Information security and miscellaneous

Can you recognize a “deep fake”? https://moondisaster.org/

SANS: Data Incident 2020 https://www.sans.org/dataincident2020

Pen Test Partners: Boeing 747s receive critical software updates over 3.5” floppy disks (10 Aug) https://www.theregister.com/2020/08/10/boeing_747_floppy_drive_updates_walkthrough/

Color by numbers: inside a Dharma ransomware-as-a-service attack (12 Aug) https://news.sophos.com/en-us/2020/08/12/color-by-numbers-inside-a-dharma-ransomware-as-a-service-attack/

Homeland Security details new tools for extracting device data at US borders (12 Aug) https://www.cnet.com/news/homeland-security-details-new-tools-for-extracting-device-data-at-us-borders/

Reported for prosecution over hundreds of unauthorized searches (13 Aug) https://www.publikt.se/nyhet/atalsanmals-hundratals-otillatna-sokningar-22521

CERT-SE this week

Monthly security updates from Microsoft and Adobe for August

Critical vulnerabilities in Citrix Endpoint Management