CERT-SE:s veckobrev v.49

Veckobrev

Idag är det inte bara fredag, det är även Nobeldagen! Det skulle vi gärna fira med att ge ett pris till alla hjältar som säkerhetsuppdaterar sårbarheter i sina system, men i stället bjuder vi på CERT-SE:s nyhetsbrev.

Trevlig läsning!

Nyheter i veckan

Researchers Find 226 Vulnerabilities in Nine Wi-Fi Routers (3 dec)
https://www.securityweek.com/researchers-find-226-vulnerabilities-nine-wi-fi-routers

iPhones of US diplomats hacked using “0-click” exploits from embattled NSO (3 dec)
https://arstechnica.com/information-technology/2021/12/iphones-of-us-diplomats-hacked-using-0-click-exploits-from-embattled-nso/

Cyberattack freezes Maryland health department (5 dec)
https://www.washingtonpost.com/dc-md-va/2021/12/05/maryland-health-department-cyberattack/

Cuba ransomware gang scores almost $44m in ransom payments across 49 orgs, say Feds (6 dec)
https://www.theregister.com/2021/12/06/cuba_ransomware_gang_scores_almost/

Information till gäster angående virusattack (6 dec)
https://www.nordicchoicehotels.se/blog/information/virusattack

Spar shops across northern England shut after cyber attack hits payment processing abilities (6 dec)
https://www.theregister.com/2021/12/06/spar_cyber_attack/

Spar cyber attack hits more than 300 convenience stores (7 dec)
https://www.bbc.com/news/uk-england-lancashire-59554433

Nobelium APT targets French orgs, French ANSSI agency warns (6 dec)
https://securityaffairs.co/wordpress/125342/apt/nobelium-targets-french-orgs.html

Report| Phishing campaigns by the Nobelium intrusion set
https://www.cert.ssi.gouv.fr/uploads/CERTFR-2021-CTI-011.pdf

Google temporarily disrupts a botnet that infected 1 million PCs (7 dec)
https://www.engadget.com/google-disrupts-glupteba-botnet-202342050.html

Ny allvarlig sårbarhet i Grafana (7 dec)
https://kryptera.se/ny-allvarlig-sarbarhet-i-grafana/

Log4Shell: RCE 0-day exploit found in log4j, a popular Java logging package (9 dec)
https://www.lunasec.io/docs/blog/log4j-zero-day/

Så granskade vi Regeringskansliets mejlskydd (9 dec)
https://sverigesradio.se/artikel/sa-granskade-vi-regeringskansliets-mejlskydd

Ekot kunde mejla som försvarsministern (9 dec)
https://sverigesradio.se/artikel/ekot-kunde-mejla-som-forsvarsministern

Australian Electricity Provider ‘CS Energy’ Hit by Ransomware (9 dec)
https://www.securityweek.com/australian-electricity-provider-cs-energy-hit-ransomware

General notification from Vestas Wind Systems A/S (8 dec)
https://www.vestas.com/en/pages/personal-data-notification

Informationssäkerhet och blandat

Who Is the Network Access Broker ‘Babam’? (3 dec)
https://krebsonsecurity.com/2021/12/who-is-the-network-access-broker-babam/

Top Cybersecurity Accounts to Follow on Twitter (4 dec)
https://www.esecurityplanet.com/trends/twitter-cybersecurity/

Vårdanställd läste vänners journaler (5 dec)
https://www.aftonbladet.se/nyheter/a/a7qvJ2/vardanstalld-laste-vanners-journaler

Coromatic tog hem PTS stadsnätsupphandling (6 dec)
https://computersweden.idg.se/2.2683/1.759915/coromatic-tog-hem-pts-stadsnatsupphandling

2022 and the threat landscape: The top 5 future cybersecurity challenges (6 dec)
https://www.helpnetsecurity.com/2021/12/06/2022-cybersecurity-challenges/

Canada Charges Its “Most Prolific Cybercriminal” (8 dec)
https://krebsonsecurity.com/2021/12/canada-charges-its-most-prolific-cybercriminal/

Winning the war on ransomware (9 dec)
https://www.theverge.com/22822884/us-government-department-of-justice-ransomware-digital-extortion-task-force-report-2021

CERT-SE i veckan

Kritisk sårbarhet i Apache Log4j

Kritiska sårbarheter i SonicWall SMA 100 series

Zero day-sårbarhet i Grafana

Allvarlig sårbarhet i VMware vCenter