Som du ser är vår webbplats inte anpassad för äldre webbläsare. Vi rekommenderar att du uppgraderar till en nyare webbläsare.

Publicerad - Veckobrev

CERT-SE:s veckobrev v.38

Denna fredag, som råkar vara surkålens och e-bokens dag, tipsar vi bland annat om MSB:s nya föreskrifter om informationssäkerhet, FOI:s cyberutmaning, ett nytt index över vilka länder som är mest motståndskraftiga gällande cybersäkerhet samt bidrar med ett hett tips till den som kanske har råkat dubbelboka sig och har två videokonferenser samtidigt (se nyhet från den 14/9). Trevlig helg önskar CERT-SE!

Nyheter i veckan

Chilean bank shuts down all branches following ransomware attack (7 sep)
https://www.zdnet.com/article/chilean-bank-shuts-down-all-branches-following-ransomware-attack/

Baka credit card skimmer bundles stealth, anti-detection capabilities, warns Visa (7 sep)
https://portswigger.net/daily-swig/baka-credit-card-skimmer-bundles-stealth-anti-detection-capabilities-warns-visa

Vishing: Voice phone scams are the latest trend in phishing attacks (8 sep)
https://www.avira.com/en/blog/what-is-vishing-voice-phishing-explained

Amazon, Apple, and Google’s open-source smart home standard is on track for a 2021 launch (8 sep)
https://www.theverge.com/2020/9/8/21427139/amazon-apple-google-zigbee-alliance-open-source-smart-home-standard-2021-launch

Netwalker ransomware hits Pakistan's largest private power utility (8 sep)
https://www.bleepingcomputer.com/news/security/netwalker-ransomware-hits-pakistans-largest-private-power-utility/

Microsoft: State-backed hackers are targeting the 2020 US elections (10 sep)
https://www.bleepingcomputer.com/news/security/microsoft-state-backed-hackers-are-targeting-the-2020-us-elections/

Linux servers and workstations are hackers' next target, security researchers warn (10 sep)
https://www.techrepublic.com/article/linux-servers-and-workstations-are-hackers-next-target-security-researchers-warn/

Ranking National Cyber Power (11 sep)
https://www.schneier.com/blog/archives/2020/09/ranking-national-cyber-power.html
--
https://www.belfercenter.org/sites/default/files/2020-09/NCPI_2020.pdf

History shows, transparency can ease the fallout from a cyberattack (11 sep)
https://www.scmagazine.com/home/security-news/ransomware/attacks-on-cyber-firms-are-embarrassing-but-transparency-can-ease-the-fallout/

Annonsnätverk sprider skadligt innehåll (12 sep)
https://www.securityuser.com/se/Nyheter/Samhalle/annonsnatverk-sprider-skadligt-innehall

Equinix breach: 7 things to know about netwalker ransomware attacks (14 sep)
https://www.crn.com.au/news/equinix-breach-7-things-to-know-about-netwalker-ransomware-attacks-553216

TF-CSIRT is turning 20! (14 sep)
https://tf-csirt.org/2020/09/14/baiba/

Vikten av jakt på cyberhot under covid-19-eran (14 sep)
https://www.aktuellsakerhet.se/vikten-av-jakt-pa-cyberhot-under-covid-19-eran/

NAB flags cyber attacks during the pandemic have intensified (14 sep)
https://www.news.com.au/finance/nab-flags-cyber-attacks-during-the-pandemic-have-intensified/news-story/8cedc744da49f4bf4c766cfd1410dfa7

Linux systems also vulnerable to attack (14 sep)
https://it-online.co.za/2020/09/14/linux-systems-also-vulnerable-to-attack/

New BlindSide attack uses speculative execution to bypass ASLR (14 sep)
https://www.zdnet.com/article/new-blindside-attack-uses-speculative-execution-to-bypass-aslr/

Hfinger - fingerprinting HTTP requests (14 sep)
https://github.com/CERT-Polska/hfinger

Vast majority of cyber-attacks on cloud servers aim to mine cryptocurrency (14 sep)
https://www.zdnet.com/article/vast-majority-of-cyber-attacks-on-cloud-servers-aim-to-mine-cryptocurrency/

Cyber losses are increasing in frequency and severity (14 sep)
https://www.helpnetsecurity.com/2020/09/14/cyber-losses-are-increasing-in-frequency-and-severity/

How to Report a Cybercrime (14 sep)
https://www.pandasecurity.com/mediacenter/mobile-news/report-cybercrime/

How I prerecorded myself in video meetings for a week (14 sep)
https://www.cnet.com/how-to/how-i-pre-recorded-myself-in-video-meetings-for-a-week/

Säpo: Ryssland och Kina bakom spionage (15 sep)
https://www.svd.se/sapo-cyberspionaget-arpa-industriell-niva
--
https://sverigesradio.se/artikel/7554640

How to protect your organization from DDoS attacks (15 sep)
https://www.techrepublic.com/videos/how-to-protect-your-organization-from-ddos-attacks/

UK NCSC releases the Vulnerability Disclosure Toolkit (15 sep)
https://securityaffairs.co/wordpress/108308/laws-and-regulations/vulnerability-disclosure-toolkit.html
--
https://www.ncsc.gov.uk/files/NCSC_Vulnerability_Toolkit.pdf

Hackers are getting more hands-on with their attacks. That's not a good sign (15 sep)
https://www.zdnet.com/article/hackers-are-getting-more-hands-on-with-their-attacks-thats-not-a-good-sign/

What are the most vulnerable departments and sectors to phishing attacks? (16 sep)
https://www.helpnetsecurity.com/2020/09/16/vulnerable-departments-sectors-phishing-attacks/

Defeating Macro Document Static Analysis with Pictures of My Cat (16 sep)
https://billdemirkapi.me/Defeating-Macro-Document-Static-Analysis-with-Pictures-of-My-Cat/

Ransom from Home – How to close the cyber front door to remote working ransomware attacks (16 sep)
https://blog.trendmicro.com/ransom-from-home-how-to-close-the-cyber-front-door-to-remote-working-ransomware-attacks/

Microsoft SQL Hit by Crypto Mining Malware Perpetrated by New Hacking Group (16 sep)
https://nationalcybersecuritynews.today/microsoft-sql-hit-by-crypto-mining-malware-perpetrated-by-new-hacking-group-computertips-securitytips/

Penguin caught in the crosshairs: advanced persistent threat groups actively target Linux-based workstations and servers (16 sep)
https://www.pinoybisnes.com/news-release/penguin-caught-in-the-crosshairs-advanced-persistent-threat-groups-actively-target-linux-based-workstations-and-servers/

Chrome now lets high-risk APP users scan suspicious files on demand (16 sep)
https://www.zdnet.com/article/chrome-now-lets-high-risk-app-users-scan-suspicious-files-on-demand/

DDoS attacks rose significantly this year (16 sep)
https://www.itproportal.com/news/ddos-attacks-rose-hugely-this-year/

”Regeringen – utred Sveriges behov av kryptosystem” (debattartikel) (16 sep)
https://www.nyteknik.se/opinion/regeringen-utred-sveriges-behov-av-kryptosystem-7001284

Microsoft 365 will let users browse their blocked phishing emails (17 sep)
https://www.techradar.com/news/microsoft-365-will-let-users-browse-their-blocked-phishing-emails

Ransomware attack at German hospital leads to death of patient (17 sep)
https://www.bleepingcomputer.com/news/security/ransomware-attack-at-german-hospital-leads-to-death-of-patient/
--
https://www.zdnet.com/article/first-death-reported-following-a-ransomware-attack-on-a-german-hospital/
--
https://www.govinfosecurity.com/ransomware-attack-at-hospital-leads-to-patients-death-a-15010

CS3STHLM Newsletter September (17 sep)
https://cs3sthlm.se/news/2020/09/17/cs3sthlm-newsletter-septepmber.html

FBI Releases Cybersecurity Advisory on Previously Undisclosed Iranian Malware Used to Monitor Dissidents and Travel and Telecommunications Companies (17 sep)
https://www.fbi.gov/contact-us/field-offices/boston/news/press-releases/fbi-releases-cybersecurity-advisory-on-previously-undisclosed-iranian-malware-used-to-monitor-dissidents-and-travel-and-telecommunications-companies
--
https://home.treasury.gov/news/press-releases/sm1127

Joint Statement on Internet Shutdowns in Belarus (17 sep)
https://ge.usembassy.gov/joint-statement-on-internet-shutdowns-in-belarus/

Emotet strikes Quebec’s Department of Justice (17 sep)
https://cyware.com/news/emotet-strikes-quebecs-department-of-justice-2b837645

IT teams 'too busy' to provide proper training for remote workers (17 sep)
https://www.itproportal.com/news/it-teams-too-busy-to-provide-proper-training-for-remote-workers/

How ransomware operators are joining forces to carry out attacks (17 sep)
https://www.techrepublic.com/article/how-ransomware-operators-are-joining-forces-to-carry-out-attacks/

This ransomware has borrowed a sneaky trick for delivering malware to its victims (17 sep)
https://www.zdnet.com/article/this-ransomware-has-borrowed-a-sneaky-trick-for-delivering-malware-to-its-victims/

FBI opens China-related counterintelligence case every 10 hours (17 sep)
https://www.scmagazine.com/home/security-news/fbi-opens-china-related-counterintelligence-case-every-10-hours/

New Bluetooth Vulnerability (17 sep)
https://www.schneier.com/blog/archives/2020/09/new-bluetooth-vulnerability.html

Trump to block U.S. downloads of TikTok, WeChat on Sunday - officials (18 sep)
https://www.reuters.com/article/us-usa-tiktok-ban-exclusive/trump-to-block-u-s-downloads-of-tiktok-wechat-on-sunday-officials-idUSKBN2691QO

Informationssäkerhet och blandat

Ireland to Order Facebook to Stop Sending User Data to U.S. (9 sep)
https://www.wsj.com/articles/ireland-to-order-facebook-to-stop-sending-user-data-to-u-s-11599671980

Polis erkänner dataintrång – kan få behålla jobbet (11 sep)
https://www.svt.se/nyheter/lokalt/varmland/polis-7

Sverige hårt drabbat av banktrojanen Trickbot (11 sep)
https://it-finans.se/sverige-hart-drabbat-av-banktrojanen-trickbot/

Gratis guide om hur du skyddar dig mot ID-kapningar lanserad (11 sep)
https://www.aktuellsakerhet.se/gratis-guide-om-hur-du-skyddar-dig-mot-id-kapningar-lanserad/

Informationssäkerhet – en rättighet (11 sep)
https://www.offentligaaffarer.se/2020/09/11/informationssakerhet-en-rattighet/

Don't pay the ransom, mate. Don't even fix a price, say Australia's cyber security bods (12 sep)
https://www.theregister.com/2020/09/12/follow_security_basics_and_you/

Researcher kept a major Bitcoin vulnerability secret for two years (13 sep)
https://reviewscenter.net/researcher-kept-a-major-bitcoin-vulnerability-secret-for-two-years/

Föreskrifter om informationssäkerhet för statliga myndigheter (MSBFS 2020:6) (14 sep)
https://www.msb.se/sv/regler/gallande-regler/krisberedskap-och-informationssakerhet/msbfs-20206/

Föreskrifter om säkerhetsåtgärder i informationssystem för statliga myndigheter (MSBFS 2020:7) (14 sep)
https://www.msb.se/sv/regler/gallande-regler/krisberedskap-och-informationssakerhet/msbfs-20207/

Föreskrifter om rapportering av it-incidenter för statliga myndigheter (MSBFS 2020:8) (14 sep)
https://www.msb.se/sv/regler/gallande-regler/krisberedskap-och-informationssakerhet/foreskrifter-om-rapportering-av-it-incidenter-for-statliga-myndigheter-msbfs-20208/

Kinesisk databas med miljoner personers uppgifter läckt (14 sep)
https://www.dn.se/varlden/kinesisk-databas-med-miljoner-personers-uppgifter-lackt/
--
https://www.dn.se/ekonomi/over-tusen-kanda-svenskar-i-kinesisk-datalacka/
--
https://www.dn.se/ekonomi/linus-larsson-en-brokig-skara-manniskor-som-har-blivit-kartlagda/

Misconfigured Database Leaks 370 Million Dating Site Records (14 sep)
https://www.infosecurity-magazine.com/news/misconfigured-database-leaks-370/
--
https://threatpost.com/cloud-leak-320m-dating-site-records/159225/

Undersökning: Distansarbetare utsätter företag för stora säkerhetsrisker (14 sep)
https://www.securityuser.com/se/Nyheter/Samhalle/undersokning-distansarbetare-utsatter-foretag-for-stora-sakerhetsrisker

Magento online stores hacked in largest campaign to date (14 sep)
https://www.zdnet.com/article/magento-online-stores-hacked-in-largest-campaign-to-date/

Personal information of roughly 46,000 veterans exposed in VA hack (14 sep)
https://edition.cnn.com/2020/09/14/politics/veterans-affairs-data-breach/index.html
--
https://www.va.gov/opa/pressrel/pressrelease.cfm?id=5519

Chinese Ministry of State Security-Affiliated Cyber Threat Actor Activity (14 sep)
https://us-cert.cisa.gov/ncas/alerts/aa20-258a

Zhenhua Data leak: personal details of millions around world gathered by China tech company (14 sep)
https://www.theguardian.com/world/2020/sep/14/zhenhua-data-full-list-leak-database-personal-details-millions-china-tech-company

Telehealth is healthcare industry’s biggest cybersecurity risk (14 sep)
https://www.helpnetsecurity.com/2020/09/14/telehealth-is-healthcare-industrys-biggest-cybersecurity-risk/
--
https://aspe.hhs.gov/pdf-report/medicare-beneficiary-use-telehealth

Back to Basics: Creating a Culture of Cybersecurity at Work (16 sep)
https://securityintelligence.com/articles/creating-culture-cybersecurity-at-work/

Så hackade polisen kriminellas telefoner (16 sep)
https://www.svt.se/nyheter/inrikes/sa-hackade-polisen-kriminellas-telefoner

FOI anordnar tävling i cybersäkerhet (16 sep)
https://www.aktuellsakerhet.se/foi-anordnar-tavling-i-cybersakerhet/

Cyber security alert issued following rising attacks on UK academia (17 sep)
https://www.ncsc.gov.uk/news/alert-issued-following-rising-attacks-on-uk-academia

Expremiärministern hackad – bad om it-tips (18 sep)
https://www.svd.se/expremiarministern-hackad--bad-om-it-tips

CERT-SE i veckan

Kritisk sårbarhet i Windows Server
Emotet riktas mot svenska organisationer