Som du ser är vår webbplats inte anpassad för äldre webbläsare. Vi rekommenderar att du uppgraderar till en nyare webbläsare.
!!

Vi söker junior IT-säkerhetsspecialist och deskmedarbetare hos CERT-SE, centrala roller i arbetet med att utveckla Sveriges förmåga att hantera it-incidenter. Sista ansökningsdag är den 8 augusti.

Publicerad - Veckobrev

CERT-SE:s veckobrev v.17

Denna veckan har det skrivits mycket om ransomware, men även deepfake, Emotet, intrång och en del annat. Var uppmärksamma på sms om leveranser ni inte förväntat er. Mer information finns i CERT-SE:s publicering Paketleverans-SMS sprider 'FluBot'.

Trevlig valborg!

Nyheter i veckan

Argentine version of Google falls into “wrong” hands leading to search engine's temporary collapse (22 apr)
https://en.mercopress.com/2021/04/22/argentine-version-of-google-falls-into-wrong-hands-leading-to-search-engine-s-temporary-collapse

Turning Telegram toxic: ‘ToxicEye’ RAT is the latest to use Telegram for command & control (22 apr)
https://blog.checkpoint.com/2021/04/22/turning-telegram-toxic-new-toxiceye-rat-is-the-latest-to-use-telegram-for-command-control/

Ransomware's perfect target: Why one industry needs to improve cybersecurity, before it's too late (23 apr)
https://www.zdnet.com/article/ransomwares-perfect-target-why-one-industry-needs-to-improve-cybersecurity-before-its-too-late/

Dutch MPs in video conference with deep fake imitation of Navalny's Chief of Staff (24 apr)
https://nltimes.nl/2021/04/24/dutch-mps-video-conference-deep-fake-imitation-navalnys-chief-staff
..
”Deepfake” lurade tunga politiker i videosamtal (28 apr)
https://www.svd.se/politiker-blev-lurade-med-deepfake-i-videosamtal

Passwordstate breach pushes malicious update to password manager (25 apr)
https://www.slashgear.com/passwordstate-breach-pushes-malicious-update-to-password-manager-25670346/

Emotet malware self-destructs after cops deliver time-bomb DLL to infected Windows PCs (26 apr)
https://www.theregister.com/2021/04/26/emotet_sunday_25_april_killswitch_date/

Ransomwarekostnader i världen skenar – men inte i Sverige (26 apr)
https://computersweden.idg.se/2.2683/1.750118/ransomwarekostnader-i-varlden-skenar--men-inte-i-sverige
..
Rapport:A Sophos Whitepaper. April 2021The State of Ransomware 2021
https://secure2.sophos.com/en-us/medialibrary/pdfs/whitepaper/sophos-state-of-ransomware-2021-wp.pdf

This password-stealing Android malware is spreading quickly: Here's what to watch out for (26 apr)
https://www.zdnet.com/article/this-password-stealing-android-malware-is-spreading-quickly-heres-watch-to-watch-out-for/
..
Despite arrests in Spain, FluBot operations explode across Europe and Japan (26 apr)
https://therecord.media/despite-arrests-in-spain-flubot-operations-explode-across-europe-and-japan/

Apple AirDrop security flaw exposes phone numbers and email address to nearby strangers (26 apr)
https://www.pocket-lint.com/apps/news/apple/156663-apple-airdrop-security-flaw-phone-number-email-address

Ransomware Attack Vectors Shift as New Software Vulnerability Exploits Abound (26 apr)
https://www.coveware.com/blog/ransomware-attack-vectors-shift-as-new-software-vulnerability-exploits-abound

Cyber-attack hackers threaten to share US police informant data (28 apr)
https://www.bbc.com/news/world-us-canada-56898711

UK rail network Merseyrail likely hit by Lockbit ransomware (28 apr)
https://www.bleepingcomputer.com/news/security/uk-rail-network-merseyrail-likely-hit-by-lockbit-ransomware/

Emotet botnet harvested 4.3 million email addresses. Now the FBI is using Have I Been Pwned to alert the victims (28 apr)
https://www.zdnet.com/article/emotet-botnet-harvested-4-3-million-email-addresses-now-the-fbi-is-using-have-i-been-pwned-to-alert-the-victims/

Scammers imitate Windows logo with HTML tables to slip through email gateways (28 apr)
https://www.scmagazine.com/home/security-news/phishing/scammers-imitate-windows-logo-with-html-tables-to-slip-through-email-gateways/

Task Force Seeks to Disrupt Ransomware Payments (29 apr)
https://krebsonsecurity.com/2021/04/task-force-seeks-to-disrupt-ransomware-payments/
..
Rapport: Combatting Ransomware
https://securityandtechnology.org/ransomwaretaskforce/report/

Brazil's Rio Grande do Sul court system hit by REvil ransomware (29 apr)
https://www.bleepingcomputer.com/news/security/brazils-rio-grande-do-sul-court-system-hit-by-revil-ransomware/

Omfattande dataintrång har drabbat Malmö stad – personuppgifter kan läckt ut (29 apr)
https://www.svt.se/nyheter/lokalt/skane/malmo-stads-personalsystem-utsatt-for-dataintrang

Informationssäkerhet och blandat

Defending Against Software Supply Chain Attacks
https://www.cisa.gov/sites/default/files/publications/defending_against_software_supply_chain_attacks_508.pdf

The Winds of Change – What SolarWinds Teaches Us (25 apr)
https://www.tripwire.com/state-of-security/security-data-protection/winds-of-change-what-solarwinds-teaches-us/

When AIs Start Hacking (26 apr)
https://www.schneier.com/blog/archives/2021/04/when-ais-start-hacking.html

Säkerhetsbrister placerade i Linux-kerneln (28 apr)
https://kryptera.se/sakerhetsbrister-placerade-i-linux-kerneln/
..
Forskningsartikel: On the Feasibility of Stealthily Introducing Vulnerabilities in Open-Source Software via Hypocrite Commits
https://github.com/QiushiWu/QiushiWu.github.io/blob/main/papers/OpenSourceInsecurity.pdf

Don’t Ignore Ransomware. It’s Bad. (29 apr)
https://www.nytimes.com/2021/04/29/technology/ransomware-attacks-prevention.html

CERT-SE i veckan

Varning: Paketleverans-SMS sprider 'FluBot'