CERT-SE:s veckobrev v.48

Veckobrev

Inför andra advent tipsar vi om ett par guider som syftar till att öka säkerhetsmedvetandet hos såväl organisationer som privatpersoner, en ny rapport om digitala leveranskedjor samt nya varningar om Flubot. Se alltså upp med konstiga sms-meddelanden nu när tomten ska leverera alla julklappar.

Trevlig helg önskar CERT-SE!

Nyheter i veckan

IKEA email systems hit by ongoing cyberattack (26 nov)
https://www.bleepingcomputer.com/news/security/ikea-email-systems-hit-by-ongoing-cyberattack/

Cryptominers and ransomware on the rise in Q3 2021 (29 nov)
https://www.pcr-online.biz/2021/11/29/cryptominers-and-ransomware-on-the-rise-in-q3-2021/

Continuing the Bazar Ransomware Story (29 nov)
https://thedfirreport.com/2021/11/29/continuing-the-bazar-ransomware-story/

Panasonic confirms cyberattack and data breach (29 nov)
https://www.zdnet.com/article/panasonic-confirms-cyberattack-and-data-breach/

Wind turbine maker Vestas confirms recent security incident was ransomware (29 nov)
https://www.theregister.com/2021/11/29/wind_turbine_maker_vestas_confirms/

Second update on cyber incident (29 nov)
https://www.vestas.com/en/media/company-news/2021/second-update-on-cyber-incident-c3462120

1,000 arrests made in online fraud crackdown, says Interpol (29 nov)
https://www.zdnet.com/article/1000-arrests-made-in-online-fraud-crackdown-says-interpol/

More than 1,000 arrests and USD 27 million intercepted in massive financial crime crackdown (26 nov)
https://www.interpol.int/en/News-and-Events/News/2021/More-than-1-000-arrests-and-USD-27-million-intercepted-in-massive-financial-crime-crackdown

MSB | Incidenter i digitala leveranskedjor kan orsaka stor samhällsskada (30 nov)
https://www.msb.se/sv/aktuellt/nyheter/2021/november/incidenter-i-digitala-leveranskedjor-kan-orsaka-stor-samhallsskada/

Försäkringsbolag vill dra in skydd för cyberattacker från stater (1 dec)
https://computersweden.idg.se/2.2683/1.759680/forsakringsbolag-vill-dra-in-skydd-for-cyberattacker-fran-stater

CISA Adds Five Known Exploited Vulnerabilities to Catalog (1 dec)
https://us-cert.cisa.gov/ncas/current-activity/2021/12/01/cisa-adds-five-known-exploited-vulnerabilities-catalog

Emotet now spreads via fake Adobe Windows App Installer packages (1 dec)
https://www.bleepingcomputer.com/news/security/emotet-now-spreads-via-fake-adobe-windows-app-installer-packages/

Injection is the New Black: Novel RTF Template Inject Technique Poised for Widespread Adoption Beyond APT Actors (1 dec)
https://www.proofpoint.com/us/blog/threat-insight/injection-new-black-novel-rtf-template-inject-technique-poised-widespread

Trilsk trojan sms-bombar miljontals finländare (1 dec)
https://computersweden.idg.se/2.2683/1.759696/flubot-finland

FluBot malware warning after 70,000 attacks launched over SMS (2 dec)
https://www.tripwire.com/state-of-security/security-data-protection/flubot-malware-warning-after-70000-attacks-launched-over-sms/

Vi publicerade en allvarlig varning om skadlig programvara som sprids via SMS (26 nov)
https://www.kyberturvallisuuskeskus.fi/sv/aktuellt/vi-publicerade-en-allvarlig-varning-om-skadlig-programvara-som-sprids-sms

Three key ransomware actors changed jobs on October 18 – the same day REvil went dark (2 dec)
https://www.theregister.com/2021/12/02/ransomware_forums_revealed/

European Cybercrime Centre confident it’s kicked credit card crims – again (2 dec)
https://www.theregister.com/2021/12/02/european_cybercrime_centre_carding_action_2021/

It-attack slår mot hotellkedja (2 dec)
https://www.dn.se/ekonomi/it-attack-slar-mot-hotellkedja/

Hackers are turning to this simple technique to install their malware on PCs (2 dec)
https://www.zdnet.com/article/hackers-are-turning-to-this-simple-technique-to-install-their-malware-on-pcs/

Cyberhoten mot kritisk infrastruktur ökar – ny rapport slår larm (2 dec)
https://computersweden.idg.se/2.2683/1.759742/cyberhoten-mot-kritisk-infrastruktur-okar–ny-rapport-slar-larm

Gartner Predicts 30% of Critical Infrastructure Organizations Will Experience a Security Breach by 2025 (2 dec)
https://www.gartner.com/en/newsroom/press-releases/2021-12-2-gartner-predicts-30–of-critical-infrastructure-organi

Australia passes bill allowing it to impose sanctions for cyber-attacks (2 dec)
https://therecord.media/australia-passes-bill-allowing-it-to-impose-sanctions-for-cyber-attacks/

Tillslag mot digitala utpressare – miljoner i beslag och flera gripna (2 dec)
https://www.dn.se/ekonomi/tillslag-mot-digitala-utpressare-miljoner-i-beslag-och-flera-gripna/

Ransomware attack on Planned Parenthood steals data of 400,000 patients (2 dec)
https://arstechnica.com/information-technology/2021/12/ransomware-attack-on-planned-parenthood-steals-data-of-400000-patients/

Ubiquiti Developer Charged With Extortion, Causing 2020 “Breach” (2 dec)
https://krebsonsecurity.com/2021/12/ubiquiti-developer-charged-with-extortion-causing-2020-breach/

Really stupid “smart contract” bug let hackers steal $31 million in digital coin (2 dec)
https://arstechnica.com/information-technology/2021/12/hackers-drain-31-million-from-cryptocurrency-service-monox-finance/

Informationssäkerhet och blandat

UK Ministry of Justice secures HVAC systems ‘protected’ by passwordless Wi-Fi after Register tipoff (23 dnov)
https://www.theregister.com/2021/11/23/unsecured_rcj_hvac_wifi_routers/

Huge fines and a ban on default passwords in new UK law (24 nov)
https://www.bbc.com/news/technology-59400762

New cyber laws to protect people’s personal tech from hackers (24 nov)
https://www.gov.uk/government/news/new-cyber-laws-to-protect-peoples-personal-tech-from-hackers

CISA | Capacity Enhancement Guide: Mobile Device Cybersecurity Checklist for Consumers (30 nov)
https://www.cisa.gov/sites/default/files/publications/CEG_Mobile%20Device%20Cybersecurty%20Checklist%20for%20Consumers.pdf

CISA | Capacity Enhancement Guide: Mobile Device Cybersecurity Checklist for Organizations (30 nov)
https://www.cisa.gov/sites/default/files/publications/CEG_Mobile%20Device%20Cybersecurty%20Checklist%20for%20Organizations.pdf

H-ISAC Releases CISO Guide for Identity-Centric Data Sharing (29 nov)
https://healthitsecurity.com/news/h-isac-releases-ciso-guide-for-identity-centric-data-sharing

Identity, Interoperability, Patient Access and the 21st Century Cures Act: A Health-ISAC Guide for CISOs (29 nov)
https://h-isac.org/wp-content/uploads/2021/11/H-ISAC_CuresAct-Interoperability-White-Paper.pdf

DNA testing service data breach impacting 2.1 million users (1 dec)
https://www.hackread.com/dna-testing-service-data-breach-users-impacted/

Zeroing on Zero-Click Attacks Against Mobile Devices (1 dec)
https://www.csa.gov.sg/singcert/Publications/zeroing-on-zero-click-attacks-against-mobile-attacks

CERT-SE i veckan

SMS-trojanen FluBot är aktiv igen

Cisco-produkter påverkas av sårbarhet i Apache