CERT-SE's weekly newsletter, week 3

Weekly newsletter

In this week's news feed we find several articles about cybercriminals who have been arrested, and Europol reports that VPNLab.net has been shut down. Naturally, there has also been coverage of the attacks against Ukrainian authorities, and the Red Cross has also suffered an intrusion.

CERT-SE wishes you a pleasant weekend!

News this week

Linux-Targeted Malware Increases by 35% in 2021: XorDDoS, Mirai and Mozi Most Prevalent (13 Jan)
https://www.crowdstrike.com/blog/linux-targeted-malware-increased-by-35-percent-in-2021/

Kalix municipality soon caught up after the IT attack in December (14 Jan)
https://www.dn.se/sverige/kalix-kommun-snart-i-kapp-efter-it-attacken-i-december/

Destructive malware targeting Ukrainian organizations (15 Jan)
https://www.microsoft.com/security/blog/2022/01/15/destructive-malware-targeting-ukrainian-organizations/

At Request of U.S., Russia Rounds Up 14 REvil Ransomware Affiliates (14 Jan)
https://krebsonsecurity.com/2022/01/at-request-of-u-s-russia-rounds-up-14-revil-ransomware-affiliates/

Russia detains six more suspected REvil group members (15 Jan)
https://www.reuters.com/world/europe/russia-detains-three-more-suspected-revil-group-members-2022-01-15/

Undersea cable fault could cut off Tonga from rest of the world for weeks (18 Jan)
https://www.reuters.com/markets/funds/undersea-cable-fault-could-cut-off-tonga-rest-world-weeks-2022-01-18/

IT outage in Region Blekinge resolved (19 Jan)
https://regionblekinge.se/om-webbplatsen/nyheter/nyheter-och-pressmeddelande/2022-01-19-it-avbrott-i-region-blekinge-avhjalpt.html

Sophisticated cyber-attack targets Red Cross Red Crescent data on 500,000 people (19 Jan)
https://www.icrc.org/en/document/sophisticated-cyber-attack-targets-red-cross-red-crescent-data-500000-people

Nigerian cybercrime fraud: 11 suspects arrested, syndicate busted (19 Jan)
https://www.interpol.int/News-and-Events/News/2022/Nigerian-cybercrime-fraud-11-suspects-arrested-syndicate-busted

Winter Olympics: Athletes advised to use burner phones in Beijing (19 Jan)
https://www.bbc.com/news/world-asia-china-60034013

Unhappy New Year for cybercriminals as VPNLab.net goes offline (20 Jan)
https://www.europol.europa.eu/media-press/newsroom/news/unhappy-new-year-for-cybercriminals-vpnlabnet-goes-offline

Riksdag seminar hijacked – Nazi symbols were displayed (20 Jan)
https://www.svt.se/nyheter/riksdagsseminarium-kapat-nazistiska-symboler-visades

UK, Australia, to build ‘network of liberty that will deter cyber attacks before they happen’ (21 Jan)
https://www.theregister.com/2022/01/21/uk_australia_cyber_and_critical_technology_partnership/

Information security and miscellaneous

Actions to take when the cyber threat is heightened (17 Jan)
https://www.ncsc.gov.uk/guidance/actions-to-take-when-the-cyber-threat-is-heightened

New Ransomware Spotted: White Rabbit and Its Evasion Tactics (18 Jan)
https://www.trendmicro.com/en_no/research/22/a/new-ransomware-spotted-white-rabbit-and-its-evasion-tactics.html

CISA Urges Organizations to Implement Immediate Cybersecurity Measures to Protect Against Potential Threats (18 Jan)
https://www.cisa.gov/uscert/ncas/current-activity/2022/01/18/cisa-urges-organizations-implement-immediate-cybersecurity

Cybercriminals Tampering with QR Codes to Steal Victim Funds (18 Jan)
https://www.ic3.gov/Media/Y2022/PSA220118

Cyber Insights 2022: Supply Chain (18 Jan)
https://www.securityweek.com/cyber-insights-2022-supply-chain

A Trip to the Dark Site — Leak Sites Analyzed (19 Jan)
https://thehackernews.com/2022/01/a-trip-to-dark-site-leak-sites-analyzed.html

Business communications - SMS and telephone best practice (19 Jan)
https://www.ncsc.gov.uk/guidance/business-communications-sms-and-telephone-best-practice

How to keep track of your passwords (20 Jan)
https://www.tv4play.se/program/nyhetsmorgon/s%C3%A5-h%C3%A5ller-du-reda-p%C3%A5-dina-l%C3%B6senord/13742958

DHL Replaces Microsoft as Most Imitated Brand in Phishing Attempts in Q4 2021
https://blog.checkpoint.com/2022/01/17/dhl-replaces-microsoft-as-most-imitated-brand-in-phishing-attempts-in-q4-2021/

CERT-SE this week

Oracle's quarterly security update for January 2022

Issue in Safari can lead to information leakage