CERT-SE's weekly newsletter, week 13
Ransomware, cyberattacks or vulnerable systems. As a defender in this industry, you can't be a chicken. In any case, here is CERT-SE's Easter egg, with both reading and puzzles. Take the chance to solve a cipher! Easter puzzle from FRA!
Happy Easter from CERT-SE!
News this week
Credit Card Hacking Forum Gets Hacked, Exposing 300,000 Hackers’ Accounts (25 mar) https://www.vice.com/en/article/v7m9jx/credit-card-hacking-forum-gets-hacked-exposing-300000-hackers-accounts
Microsoft Offers Up To $30K For Teams Bugs (25 mar) https://threatpost.com/microsoft-30k-teams-bugs/165037/
Ransomware gang urges victims’ customers to demand a ransom payment (26 mar) https://www.bleepingcomputer.com/news/security/ransomware-gang-urges-victims-customers-to-demand-a-ransom-payment/
New 5G protocol vulnerabilities allow location tracking (26 mar) https://therecord.media/new-5g-protocol-vulnerabilities-allow-location-tracking/
New Advanced Android Malware Posing as “System Update” (26 mar) https://blog.zimperium.com/new-advanced-android-malware-posing-as-system-update/
How Old Breaches Fuel New Identity Crimes (27 mar) https://www.govinfosecurity.com/how-old-breaches-fuel-new-identity-crimes-a-16280
German Parliament Sustains Another Attack (27 mar) https://www.govinfosecurity.com/german-parliament-sustains-another-attack-a-16282
Apple releases emergency update for iPhones, iPads, and Apple Watch (27 mar) https://www.zdnet.com/article/apple-releases-emergency-update-for-iphones-ipads-and-apple-watch/
Australian TV station Channel 9 misses broadcasts after cyber-attack (28 mar) https://therecord.media/australian-tv-station-channel-9-misses-broadcasts-after-cyber-attack/
No, I Did Not Hack Your MS Exchange Server (28 mar) https://krebsonsecurity.com/2021/03/no-i-did-not-hack-your-ms-exchange-server/
Cyber insurance giant CNA hit by ransomware attack (28 mar) https://grahamcluley.com/cyber-insurance-giant-cna-hit-by-ransomware-attack/
Critical netmask networking bug impacts thousands of applications (28 mar) https://www.bleepingcomputer.com/news/security/critical-netmask-networking-bug-impacts-thousands-of-applications/
Changes to Git commit workflow (28 mar) https://news-web.php.net/php.internals/113838
Universal “netmask” npm package, used by 270,000+ projects, vulnerable to octal input data: … (28 mar) https://sick.codes/universal-netmask-npm-package-used-by-270000-projects-vulnerable-to-octal-input-data-server-side-request-forgery-remote-file-inclusion-local-file-inclusion-and-more-cve-2021-28918/
Hades Ransomware Linked to Hafnium and Exchange Attacks (29 mar) https://www.infosecurity-magazine.com/news/hades-ransomware-linked-hafnium/
A Verizon security expert on why 5G is raising the bar for cyber defenders (29 mar) https://therecord.media/a-verizon-security-expert-on-why-5g-is-raising-the-bar-for-cyber-defenders/
Sodinokibi (aka REvil) Ransomware (29 mar) https://thedfirreport.com/2021/03/29/sodinokibi-aka-revil-ransomware/
London’s biggest school trust hit by ransomware (29 mar) https://therecord.media/londons-biggest-school-trust-hit-by-ransomware/
AP sources: SolarWinds hack got emails of top DHS officials (29 mar) https://apnews.com/article/solarwinds-hack-email-top-dhs-officials-8bcd4a4eb3be1f8f98244766bae70395
PHP Infiltrated with Backdoor Malware (29 mar) https://threatpost.com/php-infiltrated-backdoor-malware/165061/
Targeted email attacks are on the rise (30 mar) https://www.itproportal.com/news/targeted-email-attacks-are-on-the-rise/
Major security hole in the City of Stockholm's IT system – vulnerable to attacks (30 mar) https://www.nyteknik.se/digitalisering/stor-sakerhetslucka-i-stockholms-stads-it-system-sarbart-for-attacker-7012123
APT10: sophisticated multi-layered loader Ecipekac discovered in A41APT campaign (30 mar) https://securelist.com/apt10-sophisticated-multi-layered-loader-ecipekac-discovered-in-a41apt-campaign/101519/
Whistleblower: Ubiquiti Breach “Catastrophic” (30 mar) https://krebsonsecurity.com/2021/03/whistleblower-ubiquiti-breach-catastrophic/
Akamai Sees Largest DDoS Extortion Attack Known to Date (30 mar) https://www.securityweek.com/akamai-sees-largest-ddos-extortion-attack-known-date
APT Charming Kitten Pounces on Medical Researchers (31 mar) https://threatpost.com/charming-kitten-pounces-on-researchers/165129/
Hackers are implanting multiple backdoors at industrial targets in Japan (31 mar) https://thehackernews.com/2021/03/hackers-are-implanting-multiple.html
Information security and miscellaneous
Cybersecurity Framework Election Infrastructure Profile https://csrc.nist.gov/publications/detail/nistir/8310/draft
Privacy incidents increase for the fourth year in a row (28 mar) https://www.telekomnyheterna.se/pub2/viewArticle?articleId=58952
HOWTO backdoor curl (30 mar) https://daniel.haxx.se/blog/2021/03/30/howto-backdoor-curl/
What is cyber risk quantification, and why is it important? (30 mar) https://www.techrepublic.com/article/what-is-cyber-risk-quantification-and-why-is-it-important/
Tips for robotics developers (30 mar) https://www.techrepublic.com/videos/tips-for-robotic-developers/
10 pioneering women in information security (30 mar) https://www.csoonline.com/article/3613418/10-pioneering-women-in-information-security.html
FI wants disruptions in Swish to be followed up and reported (31 mar) https://www.fi.se/sv/publicerat/nyheter/2021/fi-vill-att-storningar-i-swish-foljs-upp-och-rapporteras/
Investigation into information and cyber security (31 mar) https://www.fi.se/sv/publicerat/undersokningar/undersokningar-lista/2021/undersokning-av-informations–och-cybersakerhet/
Ekot: Swedish citizens in leaked Chinese surveillance database (1 apr) https://www.dn.se/varlden/ekot-svenska-medborgare-i-lackt-kinesisk-overvakningsdatabas/