CERT-SE's weekly newsletter, week 34

Weekly newsletter

Assorted news from the past week. Have a nice weekend!

News this week

Claroty Biannual ICS Risk & Vulnerability Report: 1H 2020 https://info.claroty.com/biannual-ics-risk-vulnerability-report-1h-2020

Keeping the gate locked on your IoT devices: Vulnerabilities found on Amazon’s Alexa (13 aug) https://research.checkpoint.com/2020/amazons-alexa-hacked/

Mac malware spreads through Xcode projects, abuses WebKit, Data Vault vulnerabilities (14 aug) https://www.zdnet.com/article/mac-malware-spreads-through-xcode-projects-abuses-previously-unknown-vulnerabilities/
New Mac malware spreads via Xcode (17 aug) https://macworld.idg.se/2.1038/1.738224/nytt-skadeprogram-for-mac-gar-via-xcode

For six months, security researchers have secretly distributed an Emotet vaccine across the world (14 aug) https://www.zdnet.com/article/for-six-months-security-researchers-have-secretly-distributed-an-emotet-vaccine-across-the-world/

Ransom demands return: New ddos extortion threats from old actors targeting finance and retail (17 aug) https://blogs.akamai.com/sitr/2020/08/ransom-demands-return-new-ddos-extortion-threats-from-old-actors-targeting-finance-and-retail.html

Microsoft Put Off Fixing Zero Day for 2 Years (17 aug) https://krebsonsecurity.com/2020/08/microsoft-put-off-fixing-zero-day-for-2-years

Researchers Can Duplicate Keys from the Sounds They Make in Locks (18 aug) https://kottke.org/20/08/researchers-can-duplicate-keys-from-the-sounds-they-make-in-locks

The Emotet malware is actively spreading in Finland (19 aug) https://www.kyberturvallisuuskeskus.fi/sv/det-skadliga-programmet-emotet-sprids-aktivt-i-finland

MAR-10295134-1.v1 – North Korean Remote Access Trojan: BLINDINGCAN (19 aug) https://us-cert.cisa.gov/ncas/analysis-reports/ar20-232a

Intel Owl – OSINT tool automates the intel-gathering process using a single API (19 aug) https://portswigger.net/daily-swig/intel-owl-osint-tool-automates-the-intel-gathering-process-using-a-single-api

Gmail is down, along with Google Drive, Docs, Meet and more (20 aug) https://betanews.com/2020/08/20/gmail-down-google-outage/

2020 CWE Top 25 Most Dangerous Software Weaknesses (20 aug) https://cwe.mitre.org/top25/archive/2020/2020_cwe_top25.html

Linux users no longer safe from this up-and-coming DDoS botnet (20 aug) https://www.techradar.com/news/linux-users-no-longer-safe-from-this-up-and-coming-ddos-botnet

Global ransomware attacks in 2020: The top 4 vulnerabilities (20 aug) https://blog.sensecy.com/2020/08/20/global-ransomware-attacks-in-2020-the-top-4-vulnerabilities/

Chromium’s impact on root DNS traffic (21 aug) https://blog.apnic.net/2020/08/21/chromiums-impact-on-root-dns-traffic/

Information security and miscellaneous

Reported for prosecution over hundreds of unauthorized searches (13 aug) https://www.publikt.se/nyhet/atalsanmals-hundratals-otillatna-sokningar-22521

Fine and warning after registering pupils using facial recognition (14 aug) https://www.dagensjuridik.se/nyheter/boter-och-varning-efter-registrering-av-elever-med-ansiktsigenkanning/

Police: We will start using facial recognition this autumn (17 aug) https://www.nyteknik.se/digitalisering/polisen-vi-borjar-anvanda-ansiktsigenkanning-i-host-6999476

SVT and SR urge employees to delete the video app Tiktok (17 aug) https://www.svt.se/kultur/svt-uppmanar-personalen-att-radera-videoappen-tiktok

Datainspektionen approves binding corporate rules under the GDPR (18 aug) https://www.datainspektionen.se/nyheter/datainspektionen-godkanner-bindande-foretagsbestammelser-enligt-gdpr2/

Why do healthcare organizations have a target on their back? (18 aug) https://www.helpnetsecurity.com/2020/08/18/healthcare-organizations-target/

Tiktok: A children's app – or a serious threat to national security? (18 aug) https://svt.se/kultur/tiktok-en-barnapp-eller-ett-allvarligt-hot-mot-landets-sakerhet

The Attack That Broke Twitter Is Hitting Dozens of Companies (18 aug) https://www.wired.com/story/phone-spear-phishing-twitter-crime-wave/

Government agency domain taken over by gambling company – exploited for search engine optimization (note: behind paywall) (20 aug) https://computersweden.idg.se/2.2683/1.738278/pts-doman-spelbolag

CERT-SE this week

CERT-SE took part in the Cyber Storm exercise

Vulnerabilities in Pulse Secure products, one of them critical