CERT-SE:s veckobrev v.18
Vi är många som vill bekämpa ransomware. Nu har ett sextiotal myndigheter, företag och institutioner bildat en koalition som ska störa och avbryta de cyberkriminella genom att angripa den ekonomiska verksamheten.
Nyheter i veckan
Trickbot Brief: Creds and Beacons (2 maj)
https://thedfirreport.com/2021/05/02/trickbot-brief-creds-and-beacons/
Critical 21Nails Exim bugs expose millions of servers to attacks (4 maj)
https://www.bleepingcomputer.com/news/security/critical-21nails-exim-bugs-expose-millions-of-servers-to-attacks/
Belgium’s government network goes down after massive DDoS attack (4 maj)
https://therecord.media/belgiums-government-network-goes-down-after-massive-ddos-attack/?
This malware has been rewritten in the Rust programming language to make it harder to spot (4 maj)
https://www.zdnet.com/article/this-malware-has-been-rewritten-in-the-rust-programming-language-to-make-it-harder-to-spot/
Belgium suffers major cyberattack (5 maj)
https://www.euractiv.com/section/politics/short_news/belgium-suffers-major-cyber-attack/
New Moriya rootkit used in the wild to backdoor Windows systems (6 maj)
https://www.bleepingcomputer.com/news/security/new-moriya-rootkit-used-in-the-wild-to-backdoor-windows-systems/
Operation TunnelSnake (6 maj)
https://securelist.com/operation-tunnelsnake-and-moriya-rootkit/101831/
Banker godkända i säkerhetstest (6 maj)
https://www.securityuser.com/se/Nyheter/Samhalle/banker-godkanda-i-sakerhetstest
Rysk underrättelsetjänst bakom ransomware-attacker (7 maj)
https://www.securityuser.com/se/Nyheter/Samhalle/rysk-underrattelsetjanst-bakom-ransomware-attacker
..
Are The Notorious Cyber Criminals Evil Corp actually Russian Spies? (truesec.com) (5 maj)
https://blog.truesec.com/2021/05/05/are-the-notorious-cyber-criminals-evil-corp-actually-russian-spies/
Informationssäkerhet och blandat
Can the Bytecode Alliance secure the supply chain with WebAssembly? (28 apr)
https://www.scmagazine.com/home/security-news/cloud-security/can-the-bytecode-alliance-secure-the-supply-chain-with-webassembly/
Multi-Gov Task Force Plans to Take Down the Ransomware Economy (29 apr)
https://threatpost.com/gov-task-force-ransomware-economy/165715/
..
An Ambitious Plan to Tackle Ransomware Faces Long Odds (29 apr)
https://www.wired.com/story/ransomware-task-force-proposal/
..
Institute for Security and Technology (IST) » RTF Report: Combatting Ransomware (29 apr)
https://securityandtechnology.org/ransomwaretaskforce/report/
These breached “Star Wars”-themed passwords need more than the force to save them (3 maj)
https://www.techrepublic.com/article/these-breached-star-wars-themed-passwords-need-more-than-the-force-to-save-them/
Fertilitetsappar delar olovligen känsliga uppgifter från miljontals användare (umu.se) (4 maj)
https://www.umu.se/nyheter/fertilitetsappar-delar-kansliga-data-fran-miljontals-anvandare_10421192/
Anställd inom Region Gävleborg polisanmäld för dataintrång - P4 Gävleborg | Sveriges Radio (5 maj)
https://sverigesradio.se/artikel/anstalld-inom-region-gavleborg-polisanmald-for-dataintrang
World Password Day: Bitdefenders tipsar om hur du tar hand om dina lösenord - dagensinfrastruktur (6 maj)
https://www.dagensinfrastruktur.se/2021/05/06/world-password-day-bitdefenders-tipsar-om-hur-du-tar-hand-om-dina-losenord/
Vulnerability that can be used to DDoS DNS (6 maj)
https://tsuname.io/
Hur gjorde Arne Beurling för att forcera G‑skrivaren?
https://www.fra.se/omfra/frashistoria/hurgjordearnebeurlingforattforceragskrivaren.4.15d6ea201729ce403d23d4.html
Defending Against Software Supply Chain Attacks
https://www.cisa.gov/sites/default/files/publications/defending_against_software_supply_chain_attacks_508.pdf