CERT-SE's weekly newsletter, week 44

Weekly newsletter

As usual, here is CERT-SE's weekly newsletter with a round-up of external developments, which will hopefully help in some way to prevent exploitation of your IT environment. This week's news covers, among other things, various incidents, what attackers have been up to, and a couple of short guides on how to recognise phishing and reduce the risk from known vulnerabilities.

CERT-SE wishes you a pleasant weekend!

News this week

UPDATE: EU’s Green Pass Vaccination ID Private Key Leaked or Forged (28 Oct)
https://threatpost.com/eus-green-pass-vaccination-id-private-key-leaked/175857/

Hive ransomware now encrypts Linux and FreeBSD systems (29 Oct)
https://www.bleepingcomputer.com/news/security/hive-ransomware-now-encrypts-linux-and-freebsd-systems/

Technical problems at Swedbank for several hours; resolved by lunchtime (1 Nov)
https://www.dn.se/ekonomi/tekniska-problem-hos-swedbank/

‘Into contingency mode’: Newfoundland and Labrador’s health system devastated by cyberattack (1 Nov)
https://www.saltwire.com/atlantic-canada/news/into-contingency-mode-newfoundland-and-labradors-health-system-devastated-by-cyberattack-100652575/

Microsoft: This macOS flaw could have let attackers install undetectable malware (1 Nov)
https://www.zdnet.com/article/microsoft-this-macos-flaw-could-have-let-attackers-install-undetectable-malware/

Roblox CEO apologises after three-day blackout (2 Nov)
https://www.bbc.com/news/technology-59120085

Cybercriminals sell access to international shipping, logistics giants (2 Nov)
https://www.zdnet.com/article/cybercriminals-flog-access-to-international-shipping-logistics-giants-in-the-underground/

Israeli dating site for LGBTQ people hacked (2 Nov)
https://www.dn.se/varlden/israelisk-dejtingsajt-for-hbtq-personer-hackad/

Facebook Drops Facial Recognition to Tag People in Photos (2 Nov)
https://www.wired.com/story/facebook-drops-facial-recognition-tag-people-photos/
Facebook is backing away from facial recognition. Meta isn’t. (3 Nov)
https://www.vox.com/recode/22761598/facebook-facial-recognition-meta

Group Behind SolarWinds Hack Now Targeting Microsoft Mailbox Owners (2 Nov)
https://tech.co/news/solarwinds-hack-group-targeting-microsoft-mailbox

NCSC statement on cyber incident affecting the Labour Party (3 Nov)
https://www.ncsc.gov.uk/news/labour-party-incident
Notification of data incident
https://labour.org.uk/about-your-data/

A ransomware gang shut down after Cybercom hijacked its site and it discovered it had been hacked (3 Nov)
https://www.washingtonpost.com/national-security/cyber-command-revil-ransomware/2021/11/03/528e03e6-3517-11ec-9bc4-86107e7b0ab1_story.html

BlackMatter ransomware crew shuts down, leaves victims in a bind (3 Nov)
https://www.computerweekly.com/news/252508990/BlackMatter-ransomware-crew-shuts-down-leaves-victims-in-a-bind

Microsoft warns Windows 11 features are failing due to its expired certificate (4 Nov)
https://www.theverge.com/2021/11/4/22763641/microsoft-windows-11-expired-certificate-snipping-tool-emoji-picker-issues

These Parents Built a School App. Then the City Called the Cops (4 Nov)
https://www.wired.co.uk/article/sweden-stockholm-school-app-open-source

Hackers gained access to mySA Gov accounts, including licence and rego details (4 Nov)
https://www.zdnet.com/article/hackers-gained-access-to-mysa-gov-accounts-including-licence-and-rego-details/

Information security and miscellaneous

Trojan Source (1 Nov)
https://kryptera.se/trojan-source/

Is that suspicious email in your inbox a phishing scam? (1 Nov)
https://www.popsci.com/technology/identify-phishing-emails/

Nominations for Årets tech-tjej 2022 (Tech Girl of the Year 2022) are now open (2 Nov)
https://www.aktuellsakerhet.se/nomineringen-till-arets-tech-tjej-2022-har-oppnat/

Hackers-for-Hire drive the Evolution of the New ENISA Threat Landscape (27 Oct)
https://www.enisa.europa.eu/news/enisa-news/hackers-for-hire-drive-the-evolution-of-the-new-enisa-threat-landscape

Reducing the Significant Risk of Known Exploited Vulnerabilities (3 Nov)
https://cyber.dhs.gov/bod/22-01/

What is NZ’s Cyber Security Emergency Response Plan? (3 Nov)
https://channellife.co.nz/story/what-is-nz-s-cyber-security-emergency-response-plan

CERT-SE this week

Critical vulnerabilities in Cisco products