CERT-SE's weekly newsletter, week 33
Another lovely summer week is drawing to a close. Here is a selection from CERT-SE's monitoring of open sources. Have a nice weekend!
News this week
Intel, ARM, IBM, AMD Processors Vulnerable to New Side-Channel Attacks (6 aug) https://thehackernews.com/2020/08/foreshadow-processor-vulnerability.html
Over 400 vulnerabilities on Qualcomm’s Snapdragon chip threaten mobile phones’ usability worldwide (6 aug) https://blog.checkpoint.com/2020/08/06/achilles-small-chip-big-peril/
TeamViewer fixes bug that lets attackers access your PC (7 aug) https://www.bleepingcomputer.com/news/security/teamviewer-fixes-bug-that-lets-attackers-access-your-pc/
FBI: Iranian hackers trying to exploit critical F5 BIG-IP flaw (8 aug) https://www.bleepingcomputer.com/news/security/fbi-iranian-hackers-trying-to-exploit-critical-f5-big-ip-flaw/
How Malicious Tor Relays are Exploiting Users in 2020 (Part I) (9 aug) https://medium.com/@nusenu/how-malicious-tor-relays-are-exploiting-users-in-2020-part-i-1097575c0cac
Hacking Zoom: Uncovering Tales of Security Vulnerabilities in Zoom (9 aug) https://mazinahmed.net/blog/hacking-zoom/
Ransomware Reportedly Hits Ventilator Maker (10 aug) https://www.govinfosecurity.com/ransomware-reportedly-hits-ventilator-maker-a-14801
SBA phishing scams: from malware to advanced social engineering (10 aug) https://blog.malwarebytes.com/scams/2020/08/sba-phishing-scams-from-malware-to-advanced-social-engineering/
Avaddon ransomware launches data leak site to extort victims (10 aug) https://www.bleepingcomputer.com/news/security/avaddon-ransomware-launches-data-leak-site-to-extort-victims/
File handling in Unix: tips, traps and outright badness (11 aug) https://rachelbythebay.com/w/2020/08/11/files/
Internet Explorer and Windows zero-day exploits used in Operation PowerFall (12 aug) https://securelist.com/ie-and-windows-zero-day-operation-powerfall/97976/
City of Lafayette (Colorado) paid $45,000 ransom after ransomware attack (12 aug) https://securityaffairs.co/wordpress/107023/malware/city-of-lafayette-ransowmare.html
Maze Reportedly Posts Exfiltrated Canon USA Data (12 aug) https://www.govinfosecurity.com/maze-reportedly-posts-exfiltrated-canon-usa-data-a-14813
Stopping phishing campaigns with bash (13 aug) https://blog.haschek.at/2020/stopping-phishing-campaigns-with-bash.html
RedCurl cybercrime group has hacked companies for three years (13 aug) https://www.zdnet.com/article/redcurl-cybercrime-group-has-hacked-companies-for-three-years/
An Alexa Bug Could Have Exposed Your Voice History to Hackers (13 aug) https://www.wired.com/story/amazon-alexa-bug-exposed-voice-history-hackers/
On Drovorub: Linux Kernel Security Best Practices (13 aug) https://www.mcafee.com/blogs/other-blogs/mcafee-labs/on-drovorub-linux-kernel-security-best-practices/
Information security and miscellaneous
Can you recognize a “deep fake”? https://moondisaster.org/
SANS: Data Incident 2020 https://www.sans.org/dataincident2020
Pen Test Partners: Boeing 747s receive critical software updates over 3.5” floppy disks (10 aug) https://www.theregister.com/2020/08/10/boeing_747_floppy_drive_updates_walkthrough/
Color by numbers: inside a Dharma ransomware-as-a-service attack (12 aug) https://news.sophos.com/en-us/2020/08/12/color-by-numbers-inside-a-dharma-ransomware-as-a-service-attack/
Homeland Security details new tools for extracting device data at US borders (12 aug) https://www.cnet.com/news/homeland-security-details-new-tools-for-extracting-device-data-at-us-borders/
Reported for prosecution over hundreds of unauthorized searches (13 aug) https://www.publikt.se/nyhet/atalsanmals-hundratals-otillatna-sokningar-22521
CERT-SE this week
Monthly security updates from Microsoft and Adobe for August