CERT-SE:s veckobrev v.42

Veckobrev

Cybersäkerhetsmånaden rullar på med flera bra initiativ för att höja medvetenheten. SVT:s programserie “Hackad” bidrar med ökad kunskap mot allmänheten och när det gäller CERT-SE:s CTF så säger en bild mer än tusen ord.

Trevlig helg!

Nyheter i veckan

Woman Allegedly Hacked Flight School, Cleared Planes With Maintenance Issues to Fly (12 okt)
https://www.vice.com/en/article/bvzwv5/woman-allegedly-hacked-flight-school-cleared-planes-with-maintenance-issues-to-fly

Fraudsters Cloned Company Director’s Voice In $35 Million Bank Heist, Police Find (14 okt)
https://www.forbes.com/sites/thomasbrewster/2021/10/14/huge-bank-fraud-uses-deep-fake-voice-tech-to-steal-millions/

This new phishing attack features a weaponized Excel file (18 okt)
https://www.zdnet.com/article/this-particularly-dangerous-phishing-attack-features-a-weaponized-excel-file/

University still recovering from major cyberattack that disrupted IT systems (18 okt)
https://www.zdnet.com/article/university-still-recovering-from-major-cyberattack-that-disrupted-it-systems/

British NCSC Chief Describes Russian Attacks As ‘Devastating’ (18 okt)
https://www.cybersecurityintelligence.com/blog/british-ncsc-chief-describes-russian-attacks-as-devastating-5922.html

25-åring ska ha attackerat servrar - kostade företag över en miljon (18 okt)
https://sverigesradio.se/artikel/25-aring-attackerade-servrar-kostade-foretag-over-en-miljon

University of Pittsburgh Medical Center Hacker Sentenced to Prison (19 okt)
https://www.securityweek.com/university-pittsburgh-medical-center-hacker-sentenced-prison

It-haveri på Transportstyrelsen – 37 000 fordon riskerar körförbud (19 okt)
https://www.dn.se/sverige/it-haveri-pa-transportstyrelsen-37-000-fordon-riskerar-korforbud/

South African police arrest eight romance scammers for stealing $6.85 million (19 okt)
https://therecord.media/south-african-police-arrest-eight-romance-scammers-for-stealing-6-85-million/

LightBasin: A Roaming Threat to Telecommunications Companies (19 okt)
https://www.crowdstrike.com/blog/an-analysis-of-lightbasin-telecommunications-attacks/

Forskaren om största hackarhoten: Har lyckats ta över pacemakers (20 okt)
https://www.svt.se/nyheter/inrikes/forskaren-om-storsta-hackerhoten-har-lyckats-hacka-pacemakers

Supply chain attacks are the hacker’s new favourite weapon. And the threat is getting bigger (20 okt)
https://www.zdnet.com/article/supply-chain-attacks-are-the-hackers-new-favourite-weapon-and-the-threat-is-getting-bigger/

Phishing campaign targets YouTube creators with cookie theft malware (20 okt)
https://blog.google/threat-analysis-group/phishing-campaign-targets-youtube-creators-cookie-theft-malware/

New Gummy Browsers attack lets hackers spoof tracking profiles (20 okt)
https://www.bleepingcomputer.com/news/security/new-gummy-browsers-attack-lets-hackers-spoof-tracking-profiles/

Commerce Tightens Export Controls on Items Used in Surveillance of Private Citizens and other Malicious Cyber Activities (20 okt)
https://www.commerce.gov/news/press-releases/2021/10/commerce-tightens-export-controls-items-used-surveillance-private

Problems with Multifactor Authentication (21 okt)
https://www.schneier.com/blog/archives/2021/10/problems-with-multifactor-authentication.html

Ransomware

US links $5.2 billion worth of Bitcoin transactions to ransomware (15 okt)
https://www.bleepingcomputer.com/news/security/us-links-52-billion-worth-of-bitcoin-transactions-to-ransomware/
…FinCEN Report: https://www.fincen.gov/sites/default/files/2021-10/Financial%20Trend%20Analysis_Ransomware%20508%20FINAL.pdf– …Kraftig ökning av ransomware-betalningar (17 okt) https://www.di.se/nyheter/kraftig-okning-av-ransomware-betalningar/

Cyber risk trends driving the surge in ransomware incidents (18 okt) https://www.helpnetsecurity.com/2021/10/18/five-ransomware-trends/

U.S. TV station operator Sinclair hit by ransomware attack (18 okt)
https://www.reuters.com/technology/us-tv-station-operator-sinclair-hit-by-ransomware-attack-2021-10-18/

BlackByte ransomware decryptor released (18 okt)
https://www.zdnet.com/article/blackbyte-ransomware-decryptor-released/

Alert (AA21-291A)| BlackMatter Ransomware (18 okt)
https://us-cert.cisa.gov/ncas/alerts/aa21-291a

REvil ransomware group goes dark after its Tor sites were hijacked (18 okt)
https://techcrunch.com/2021/10/18/revil-ransomware-group-goes-dark-after-its-tor-sites-were-hijacked/

Pressas på pengar av hackare – få vågar anmäla (19 okt)
https://www.svd.se/pressas-pa-pengar-av-hackare–fa-vagar-anmala

When Ransomware Hits Rural America (19 okt)
https://therecord.media/when-ransomware-hits-rural-america/

More Attempted Cyberattacks on Israeli Healthcare Entities (19 okt)
https://www.govinfosecurity.com/more-attempted-cyberattacks-on-israeli-healthcare-entities-a-17762
…Ransomware cyber attack on Hillel Yaffe computer systems (13 okt)
https://hy.health.gov.il/eng/?CategoryID=23&ArticleID=891

EXCLUSIVE Governments turn tables on ransomware gang REvil by pushing it offline (22 okt)
https://www.reuters.com/technology/exclusive-governments-turn-tables-ransomware-gang-revil-by-pushing-it-offline-2021-10-21/

Informationssäkerhet och blandat

Former Malware Distributor Kape Technologies Now Owns ExpressVPN, CyberGhost, Private Internet Access, Zenmate, and a Collection of VPN “Review” Websites (15 sep)
https://restoreprivacy.com/kape-technologies-owns-expressvpn-cyberghost-pia-zenmate-vpn-review-sites/

CERT NZ Challenges New Zealanders To Cyber Up For Cyber Smart Week (18 okt)
https://www.scoop.co.nz/stories/SC2110/S00050/cert-nz-challenges-new-zealanders-to-cyber-up-for-cyber-smart-week.htm

SVT - Hackad
https://www.svtplay.se/hackad

Therese Lindgren om risken för att bli hackad: ”Folk försöker dagligen” (19 okt)
https://www.svt.se/nyheter/inrikes/therese-lindgren-om-risken-for-att-bli-hackad-jag-ar-valdigt-utsatt

Debatt | Säkerhetsexperter: Sverige behöver ett cyberförsvarscampus (19 okt)
https://www.altinget.se/artikel/sakerhetsexperter-sverige-behover-ett-cyberforsvarscampus

It Should Be ‘Cybersecurity Culture Month’ (19 okt)
https://securityweekly.com/2021/10/19/it-should-be-cybersecurity-culture-month/

Enkät: Hur slarvig är du med lösenorden? (19 okt)
https://www.svt.se/nyheter/inrikes/hur-val-hanterar-du-dina-losenord

CERT-SE i veckan

Flera sårbarheter i Cisco-produkter

Oracles kvartalsvisa säkerhetsuppdatering för oktober 2021