CERT-SE:s veckobrev v.40
Måndagens störningar i Facebooks tjänster har diskuterats en del den här veckan. När enstaka fel kan leda till omfattande avbrott med stor spridning och konsekvens, blir frågan om samhällets sårbarhet med ökade centraliseringen av internetstrukturen hos fåtalet företag på nytt aktualiserad.
Vi vill även påminna om CERT-SE:s CTF för nu trillar det in lösningar löpande …
Nyheter i veckan
First on CNN: Biden administration to convene 30 countries to crack down on ransomware threat (1 okt)
https://edition.cnn.com/2021/10/01/politics/blinken-cybersecurity-alliance/
BazarLoader and the Conti Leaks (4 okt)
https://thedfirreport.com/2021/10/04/bazarloader-and-the-conti-leaks/
Ransomware gang arrested in Ukraine with Europol’s support (4 okt)
https://www.europol.europa.eu/newsroom/news/ransomware-gang-arrested-in-ukraine-europol%E2%80%99s-support
..
Two ‘Prolific’ Ransomware Operators Arrested in Ukraine (4 okt)
https://www.securityweek.com/two-prolific-ransomware-operators-arrested-ukraine
CISA Kicks Off Cybersecurity Awareness Month (4 okt)
https://www.darkreading.com/operations/cisa-kicks-off-cybersecurity-awareness-month
PoC Exploit Released for macOS Gatekeeper Bypass (4 okt)
https://www.securityweek.com/poc-exploit-released-macos-gatekeeper-bypass
Washington Adventist University Confirms Ongoing Ransomware Attack (4 okt)
https://www.marylandmatters.org/blog/washington-adventist-university-confirms-ongoing-ransomware-attack/
Arizona Launches Command Center to Combat Cyberattacks (5 okt)
https://www.securityweek.com/arizona-launches-command-center-combat-cyberattacks
Medtronic expands 2 MiniMed insulin pump recalls on ring flaw, cyber risks (5 okt)
https://www.medtechdive.com/news/medtronic-expands-2-minimed-insulin-pump-recalls-ring-flaw-cyber-diabetes/607717/
NSA chief predicts U.S. will face ransomware ‘every single day’ for years to come (5 okt)
https://therecord.media/nsa-chief-predicts-u-s-will-face-ransomware-every-single-day-for-years-to-come/
Company that routes SMS for all major US carriers was hacked for five years (6 okt)
https://arstechnica.com/information-technology/2021/10/company-that-routes-sms-for-all-major-us-carriers-was-hacked-for-five-years/
Twitch confirms it was hacked after its source code and secrets leak out (6 okt)
https://www.theverge.com/2021/10/6/22712365/twitch-data-leak-breach-security-confirmation-comments
Google notifies 14,000 Gmail users of targeted APT28 attacks (7 okt)
https://therecord.media/google-notifies-14000-gmail-users-of-targeted-apt28-attacks/
State-sponsored Chinese crims targeted India with tax and COVID phishing (7 okt)
https://www.theregister.com/2021/10/07/apt_41_phishing_schemes_indian_nationals/
Microsoft to disable Excel 4.0 macros, one of the most abused Office features (7 okt)
https://therecord.media/microsoft-to-disable-excel-4-0-macros-one-of-the-most-abused-office-features/
Rapid RYUK Ransomware Attack Group Christened as FIN12 (7 okt)
https://www.darkreading.com/attacks-breaches/rapid-ryuk-ransomware-attack-group-christened-as-fin12
Ransomware Attack on Springhill Medical Center Leads to a Negligent Homicide Investigation After a Baby Dies (7 okt)
https://www.cpomagazine.com/cyber-security/ransomware-attack-on-springhill-medical-center-leads-to-a-negligent-homicide-investigation-after-a-baby-dies/
Air gaps have been ‘shattered’, says new Indian policy on power sector security (8 okt)
https://www.theregister.com/2021/10/08/india_power_sector_infosec_policy/
Understanding How Facebook Disappeared from the Internet (4 okt)
https://blog.cloudflare.com/october-2021-facebook-outage/
What Happened to Facebook, Instagram, & WhatsApp? (4 okt)
https://krebsonsecurity.com/2021/10/what-happened-to-facebook-instagram-whatsapp/
It-expert: ”Det här varade extremt länge” (5 okt)
https://www.svd.se/haveriet-vittnar-om-hur-valdigt-sarbara-vi-ar
Web Scrapers Claim to Possess and Sell Personal Data on 1.5 Billion Facebook Users on a Hacker Forum (7 okt)
https://www.privacyaffairs.com/facebook-data-sold-on-hacker-forum/
More details about the October 4 outage (5 okt) https://engineering.fb.com/2021/10/05/networking-traffic/outage-details/
Informationssäkerhet och blandat
Confronting the challenges of working in cyberspace (4 okt)
https://www.osce.org/blog/confronting-the-challenges-of-working-in-cyberspace
CIS Control 07: Continuous Vulnerability Management (6 okt)
https://www.tripwire.com/state-of-security/controls/cis-control-07/
A holistic approach to vulnerability management solidifies cyberdefenses (7 okt)
https://www.techrepublic.com/article/a-holistic-approach-to-vulnerability-management-solidifies-cyberdefenses/
Kunduppgifter kan ha läckt från nätmäklare (7 okt)
https://www.dn.se/ekonomi/kunduppgifter-kan-ha-lackt-fran-natmaklare/
Fälls för intrång i dubbelmördarens journal (8 okt) https://www.svd.se/falls-for-intrang-i-dubbelmordarens-journal
Welcome to the OWASP Top 10 - 2021
https://owasp.org/Top10/