CERT-SE's weekly newsletter, week 16
A mixed bag of a news sweep this week … some giga-scale leaks of personal data are matched by an article on informationssakerhet.se with good advice about sensitive information in social media. Read about both malware that litters and about bad things being cleaned away.
Have a nice weekend!
News this week
Cyber-attackers hold PN to ransom with major data leak threat (20 apr) https://timesofmalta.com/articles/view/cyber-attackers-hold-pn-to-ransom-with-major-data-leak-threat.865968
Lazarus hacking group now hides payloads in BMP image files (20 apr) https://www.zdnet.com/article/lazarus-state-hacking-group-now-hides-payloads-in-bmp-image-files/
Malware authors are creating fake Microsoft Store pages (20 apr) https://mspoweruser.com/malware-authors-are-creating-fake-microsoft-stores/
REvil gang tries to extort Apple, threatens to sell stolen blueprints (20 apr) https://www.bleepingcomputer.com/news/security/revil-gang-tries-to-extort-apple-threatens-to-sell-stolen-blueprints/
US Takes Steps to Protect Electric System From Cyberattacks (20 apr) https://www.securityweek.com/us-takes-steps-protect-electric-system-cyberattacks
Time is running out to probe networks for Emotet (21 apr) https://www.computerweekly.com/news/252499624/Time-is-running-out-to-probe-networks-for-Emotet
China-linked hackers used VPN flaw to target U.S. defense industry -researchers (21 apr) https://www.reuters.com/technology/china-linked-hackers-used-pulse-secure-flaw-target-us-defense-industry-2021-04-20/
Exploiting vulnerabilities in Cellebrite UFED and Physical Analyzer from an app’s perspective (21 apr) https://signal.org/blog/cellebrite-vulnerabilities/
Nearly half of malware now use TLS to conceal communications (21 apr) https://news.sophos.com/en-us/2021/04/21/nearly-half-of-malware-now-use-tls-to-conceal-communications/
University duo thought it would be cool to sneak bad code into Linux as an experiment. Of course, it absolutely backfired (21 apr) https://www.theregister.com/2021/04/21/minnesota_linux_kernel_flaws_update/?
Brace yourselves. Facebook has a new mega-leak on its hands (21 apr) https://arstechnica.com/gadgets/2021/04/tool-links-email-addresses-to-facebook-accounts-at-scale/
PTS on Huawei: A latent security risk (21 apr) https://tt.omni.se/pts-om-huawei-en-latent-sakerhetsrisk/a/2d7X9r
Malware and ransomware gangs have found this new way to cover their tracks (22 apr) https://www.zdnet.com/article/malware-and-ransomware-gangs-have-found-this-new-way-to-cover-their-tracks/
Now this botnet is hunting for unpatched Microsoft Exchange servers (22 apr) https://www.zdnet.com/article/now-this-botnet-is-hunting-for-unpatched-microsoft-exchange-servers/
Information security and miscellaneous
Large amounts of personal information are on the loose (14 apr) https://www.informationssakerhet.se/nyheter/stora-mangder-personlig-information-ar-pa-vift/
Sweden wins the world's largest cyber defence exercise (19 apr) https://www.msb.se/sv/aktuellt/nyheter/2021/april/sverige-vinnare-i-varldens-storsta-cyberforsvarsovning/
FIDO Alliance Creates New Onboarding Standard To Secure Internet of Things (IoT) (20 apr) https://fidoalliance.org/fido-alliance-creates-new-onboarding-standard-to-secure-internet-of-things-iot/
And the Award for Most Popular Movie Used in Passwords Goes to… (20 apr) https://specopssoft.com/blog/most-popular-movie-used-in-passwords/
We need to talk about criminal adversaries who want you to eat undercooked onion rings (20 apr) https://www.theregister.com/2021/04/20/cisco_talos_corosi_fryer_flaws/ .. Vulnerability Spotlight: Remote code execution vulnerabilities in Cosori smart air fryer (19 apr) https://blog.talosintelligence.com/2021/04/vuln-spotlight-co.html
Conspiracy theories in focus in new study from MSB (21 apr) https://www.msb.se/sv/aktuellt/nyheter/2021/april/konspirationsteorier-i-fokus-i-ny-studie-fran-msb/
Upper secondary school student in Lund cheated on exam – convicted of unlawful computer access (22 apr) https://www.svt.se/nyheter/lokalt/skane/gymnasieelev-i-lund-doms-efter-att
MI5 warns of thousands of attempts to spy on civil servants via ‘malicious’ online profiles (22 apr) https://www.publictechnology.net/articles/news/mi5-warns-thousands-attempts-spy-civil-servants-%E2%80%98malicious%E2%80%99-online-profiles
Issue 6: Findings from 2H 2020 | Netscout Threat Intelligence Report | DDoS in a Time of Pandemic https://www.netscout.com/threatreport
The World’s Largest Hacking Conferences Are Back IRL This Summer https://www.vice.com/en/article/n7bwbb/def-con-black-hat-hacking-conferences-las-vegas-2021
CERT-SE this week
Three zero-day vulnerabilities in Sonicwall Email Security