CERT-SE's weekly newsletter, week 44
As usual, here is CERT-SE's weekly newsletter with a round-up of what is happening around us, which will hopefully contribute something towards preventing exploitation of the IT environment. This week's news covers, among other things, various incidents, what attackers are up to, and a couple of short guides on how to recognise phishing and reduce the risk from known vulnerabilities.
CERT-SE wishes you a pleasant weekend!
News this week
UPDATE: EU’s Green Pass Vaccination ID Private Key Leaked or Forged (28 Oct)
https://threatpost.com/eus-green-pass-vaccination-id-private-key-leaked/175857/
Hive ransomware now encrypts Linux and FreeBSD systems (29 Oct)
https://www.bleepingcomputer.com/news/security/hive-ransomware-now-encrypts-linux-and-freebsd-systems/
Technical problems at Swedbank for several hours – resolved by lunchtime (1 Nov)
https://www.dn.se/ekonomi/tekniska-problem-hos-swedbank/
‘Into contingency mode’: Newfoundland and Labrador’s health system devastated by cyberattack (1 Nov)
https://www.saltwire.com/atlantic-canada/news/into-contingency-mode-newfoundland-and-labradors-health-system-devastated-by-cyberattack-100652575/
Microsoft: This macOS flaw could have let attackers install undetectable malware (1 Nov)
https://www.zdnet.com/article/microsoft-this-macos-flaw-could-have-let-attackers-install-undetectable-malware/
Roblox CEO apologises after three-day blackout (2 Nov)
https://www.bbc.com/news/technology-59120085
Cybercriminals sell access to international shipping, logistics giants (2 Nov)
https://www.zdnet.com/article/cybercriminals-flog-access-to-international-shipping-logistics-giants-in-the-underground/
Israeli dating site for LGBTQ people hacked (2 Nov)
https://www.dn.se/varlden/israelisk-dejtingsajt-for-hbtq-personer-hackad/
Facebook Drops Facial Recognition to Tag People in Photos (2 Nov)
https://www.wired.com/story/facebook-drops-facial-recognition-tag-people-photos/
..
Facebook is backing away from facial recognition. Meta isn’t. (3 Nov)
https://www.vox.com/recode/22761598/facebook-facial-recognition-meta
Group Behind SolarWinds Hack Now Targeting Microsoft Mailbox Owners (2 Nov)
https://tech.co/news/solarwinds-hack-group-targeting-microsoft-mailbox
NCSC statement on cyber incident affecting the Labour Party (3 Nov)
https://www.ncsc.gov.uk/news/labour-party-incident
..
Notification of data incident
https://labour.org.uk/about-your-data/
A ransomware gang shut down after Cybercom hijacked its site and it discovered it had been hacked (3 Nov)
https://www.washingtonpost.com/national-security/cyber-command-revil-ransomware/2021/11/03/528e03e6-3517-11ec-9bc4-86107e7b0ab1_story.html
BlackMatter ransomware crew shuts down, leaves victims in a bind (3 Nov)
https://www.computerweekly.com/news/252508990/BlackMatter-ransomware-crew-shuts-down-leaves-victims-in-a-bind
Microsoft warns Windows 11 features are failing due to its expired certificate (4 Nov)
https://www.theverge.com/2021/11/4/22763641/microsoft-windows-11-expired-certificate-snipping-tool-emoji-picker-issues
These Parents Built a School App. Then the City Called the Cops (4 Nov)
https://www.wired.co.uk/article/sweden-stockholm-school-app-open-source
Hackers gained access to mySA Gov accounts, including licence and rego details (4 Nov)
https://www.zdnet.com/article/hackers-gained-access-to-mysa-gov-accounts-including-licence-and-rego-details/
Information security and miscellaneous
Trojan Source (1 Nov)
https://kryptera.se/trojan-source/
Is that suspicious email in your inbox a phishing scam? (1 Nov)
https://www.popsci.com/technology/identify-phishing-emails/
Nominations for Årets tech-tjej 2022 have opened (2 Nov)
https://www.aktuellsakerhet.se/nomineringen-till-arets-tech-tjej-2022-har-oppnat/
Hackers-for-Hire drive the Evolution of the New ENISA Threat Landscape (27 Oct)
https://www.enisa.europa.eu/news/enisa-news/hackers-for-hire-drive-the-evolution-of-the-new-enisa-threat-landscape
Reducing the Significant Risk of Known Exploited Vulnerabilities (3 Nov)
https://cyber.dhs.gov/bod/22-01/
What is NZ’s Cyber Security Emergency Response Plan? (3 Nov)
https://channellife.co.nz/story/what-is-nz-s-cyber-security-emergency-response-plan