Som du ser är vår webbplats inte anpassad för äldre webbläsare. Vi rekommenderar att du uppgraderar till en nyare webbläsare.
!!

Vi söker systemutvecklare och systemadministratör till CERT-SE, centrala roller i arbetet med att utveckla Sveriges förmåga att hantera it-incidenter. Sista ansökningsdag för båda rollerna är den 21 december.

Publicerad - Veckobrev

CERT-SE:s veckobrev v.36

Bekanta namn Babuk, Conti och REvil gör sig tyvärr påminda den här veckan. Vi informerar även om ny chef för Nationellt cybersäkerhetscenter, den största DDoS-attacken hittills, avslöjanden från en ransomwareförhandlare samt hur man bör prata cybersäkerhet med äldre släktingar. Trevlig helg önskar CERT-SE!

Nyheter i veckan

Confessions of a ransomware negotiator: Well, somebody's got to talk to the criminals holding data hostage (3 sept)
https://www.theregister.com/2021/09/03/how_to_be_a_ransomware/

Chinese hackers behind July 2021 SolarWinds zero-day attacks (3 sept)
https://therecord.media/chinese-hackers-behind-july-2021-solarwinds-zero-day-attacks/

Babuk ransomware's full source code leaked on hacker forum (3 sept)
https://www.bleepingcomputer.com/news/security/babuk-ransomwares-full-source-code-leaked-on-hacker-forum/

Conti ransomware now hacking Exchange servers with ProxyShell exploits (3 sept)
https://www.bleepingcomputer.com/news/security/conti-ransomware-now-hacking-exchange-servers-with-proxyshell-exploits/
--
Conti ransomware gang is targeting unpatched Microsoft Exchange servers (5 sept)
https://siliconangle.com/2021/09/05/conti-ransomware-gang-targeting-unpatched-microsoft-exchange-servers/
--
Irish police seize Conti domains used in HSE ransomware attack (6 sept)
https://www.itpro.co.uk/security/ransomware/360786/irish-police-seize-conti-domains-used-in-hse-ransomware-attack

FBI Warns Ransomware Attack Could Disrupt Food Supply Chain (6 sept)
https://www.securityweek.com/fbi-warns-ransomware-attack-could-disrupt-food-supply-chain

Ransomware attacks increased by 288% in H1 2021 (6 sept)
https://www.helpnetsecurity.com/2021/09/06/ransomware-attacks-increased-2021/

Ransomware gangs target companies using these criteria (6 sept)
https://www.bleepingcomputer.com/news/security/ransomware-gangs-target-companies-using-these-criteria/

This is the perfect ransomware victim, according to cybercriminals (6 sept)
https://www.zdnet.com/article/this-is-the-perfect-ransomware-victim-according-to-cybercriminals/

Therese Naess blir chef för Nationellt cybersäkerhetscenter (7 sept)
https://www.forsvarsmakten.se/sv/aktuellt/2021/09/therese-naess-blir-chef-for-nationellt-cybersakerhetscenter/

Nu bygger vi det svenska ramverket för NIST – är du med oss? (7 sept)
https://www.sis.se/utbildningar/alla-utbildningar/nu-bygger-vi-det-svenska-ramverket-for-nist--ar-du-med-oss/

Bostäder i Borås utsatta för kryptovirus – "Utpressningssyfte" (7 sept)
https://sverigesradio.se/artikel/omfattande-dataintrang-pa-ab-bostader-paverkar-alla-hyresgaster

US Department of Justice to take bite out of cybercrime (7 sept)
https://blog.barracuda.com/2021/09/07/us-department-of-justice-to-take-bite-out-of-cybercrime/
--
https://www.justice.gov/opa/pr/deputy-attorney-general-lisa-monaco-announces-creation-new-cyber-fellows-positions

REvil ransomware gang’s servers are mysteriously online again (7 sept)
https://securityaffairs.co/wordpress/121952/cyber-crime/revil-ransomware-gang-servers-back-online.html

Patch now? Why enterprise exploits are still partying like it's 1999 (8 sept)
https://www.theregister.com/2021/09/08/patch_now_why_enterprise_exploits/

IoT Attacks Skyrocket, Doubling in 6 Months (8 sept)
https://threatpost.com/iot-attacks-doubling/169224/

Coops cio efter den stora it-attacken: ”Verkligheten något annat än träning” (8 sept)
https://cio.idg.se/2.1782/1.755436/coops-cio-efter-attacken-verkligheten-nagot-annat-an-traning

Diversity in cybersecurity is a ‘national security’ issue, congresswoman says (9 sept)
https://therecord.media/diversity-in-cybersecurity-is-a-national-security-issue/

More Detail on the Juniper Hack and the NSA PRNG Backdoor (9 sept)
https://www.schneier.com/blog/archives/2021/09/more-detail-on-the-juniper-hack-and-the-nsa-prng-backdoor.html

Stora störningar i vården – bokade norrbottningar uppmanades att stanna hemma (9 sept)
https://www.svt.se/nyheter/lokalt/norrbotten/stora-driftstorningar-paverkar-varden-i-norrbotten

KTH-professorn: ”Jag är rätt pessimistisk för framtiden inom cybersäkerhet” (9 sept)
https://www.nyteknik.se/sakerhet/kth-professorn-jag-ar-ratt-pessimistisk-for-framtiden-inom-cybersakerhet-7020504

National Cyber Director Sees Ransomware As Continuing Threat (9 sept)
https://www.bankinfosecurity.com/national-cyber-director-sees-ransomware-as-continuing-threat-a-17499

Meet Meris, the new 250,000-strong DDoS botnet terrorizing the internet (9 sept)
https://therecord.media/meet-meris-the-new-250000-strong-ddos-botnet-terrorizing-the-internet/

Russia's Yandex says it repelled biggest DDoS attack in history (10 sept)
https://www.reuters.com/technology/russias-yandex-says-it-repelled-biggest-ddos-attack-history-2021-09-09/

Informationssäkerhet och blandat

Fired NY credit union employee nukes 21GB of data in revenge (1 sept)
https://www.bleepingcomputer.com/news/security/fired-ny-credit-union-employee-nukes-21gb-of-data-in-revenge/

A Roadmap to Secure Connected Cars (2 sept)
https://www.trendmicro.com/vinfo/se/security/news/internet-of-things/a-roadmap-to-secure-connected-cars

Fed up with constant cyberattacks, one country is about to make some big changes (3 sept)
https://www.zdnet.com/article/fed-up-with-constant-cyberattacks-one-country-is-about-to-make-some-big-changes/

Småföretagen sämst rustade mot cyberattacker (3 sept)
https://www.di.se/nyheter/smaforetagen-samst-rustade-mot-cyberattacker/

Kriminalvårdare misstänks för dataintrång (4 sept)
https://sverigesradio.se/artikel/kriminalvardare-misstanks-for-dataintrang

Protonmail lämnade ut aktivists IP-adress (6 sept)
https://nikkasystems.com/2021/09/06/protonmail-lamnade-ut-aktivists-ip-adress/

Enterprises are missing the warning signs of insider threats (6 sept)
https://www.helpnetsecurity.com/2021/09/06/insider-threats-warning-signs/

Healthcare cybersecurity under attack: How the pandemic affected rural hospitals (6 sept)
https://www.helpnetsecurity.com/2021/09/06/rural-hospitals-cybersecurity/

The Latest Work from the SEI: Coordinated Vulnerability Disclosure, Cybersecurity Research, Cyber Risk and Resilience, and the Importance of Fostering Diversity in Software Engineering (6 sept)
https://insights.sei.cmu.edu/blog/the-latest-work-from-the-sei-coordinated-vulnerability-disclosure-cybersecurity-research-cyber-risk-and-resilience-and-the-importance-of-fostering-diversity-in-software-engineering/

Government cyber security agency CERT NZ says a distributed denial of service attack is targeting a number of New Zealand organisations (8 sept)
https://www.interest.co.nz/index.php/news/112157/government-cyber-security-agency-cert-nz-says-%C2%A0distributed-denial-service-attack

Enhancing cybersecurity skills for the entire workforce must be a priority for cyber-resilience (8 sept)
https://www.techrepublic.com/article/enhancing-cybersecurity-skills-for-the-entire-workforce-must-be-a-priority-for-cyber-resilience/

MSB ska förbereda nationellt samordningscenter för cybersäkerhetsforskning och innovation (9 sept)
https://www.mynewsdesk.com/se/msb/pressreleases/msb-ska-foerbereda-nationellt-samordningscenter-foer-cybersaekerhetsforskning-och-innovation-3125556

Hälsomyndigheten hackad efter VM-kvalstrulet (9 sept)
https://www.svd.se/halsomyndigheten-hackad-efter-vm-kvalstrulet

HP Wolf Security Rebellions and Rejections Report Uncovers Remote Workforce Security Trends (9 sept)
https://threatresearch.ext.hp.com/hp-wolf-security-rebellions-and-rejections-report/

How to Talk to Your Grandparents About Cybersecurity (9 sept)
https://www.mcafee.com/blogs/enterprise/how-to-talk-to-your-grandparents-about-cybersecurity/

United Nations Says Intruders Breached Its Systems (10 sept)
https://www.healthcareinfosecurity.com/united-nations-says-intruders-breached-its-systems-a-17503

CERT-SE i veckan

Allvarlig sårbarhet i MSHTML utnyttjas