CERT-SE:s veckobrev v.8
Mycket fokus på Ukraina den här veckan av förklarliga skäl. Vi påminner om vikten av att uppdatera sårbara system och se över cyberhygienen.
Trevlig helg önskar CERT-SE!
Nyheter i veckan
Searching for Suzy Thunder (26 jan)
https://www.theverge.com/c/22889425/susy-thunder-headley-hackers-phone-phreakers-claire-evans
The TrickBot Saga’s Finale Has Aired: Spinoff is Already in the Works (16 feb)
https://www.advintel.io/post/the-trickbot-saga-s-finale-has-aired-but-a-spinoff-is-already-in-the-works
DOJ beefs up efforts to combat criminal use of cryptocurrencies (17 feb)
https://www.cyberscoop.com/doj-combat-criminal-cryptocurrency-ransomware/
Free Cybersecurity Services and Tools (18 feb)
https://www.cisa.gov/free-cybersecurity-services-and-tools
Why You Need An Adversary-First Approach to Threats in the Cloud (18 feb)
https://www.darkreading.com/crowdstrike/why-you-need-an-adversary-first-approach-to-threats-in-the-cloud
Microsoft aims to improve anti-phishing MFA for White House ‘zero trust’ push (18 feb)
https://www.zdnet.com/article/microsoft-aims-to-improve-anti-phishing-multi-factor-authentication-for-white-house-zero-trust-push/
IT-strul slog ut kortbetalning på bensinstationer i hela landet (18 feb)
https://sverigesradio.se/artikel/it-strul-hos-flera-bensinstationer-gar-inte-att-tanka-med-kort
New Android Banking Trojan Spreading via Google Play Store Targets Europeans (21 feb)
https://thehackernews.com/2022/02/xenomorph-android-banking.html
Expeditors shuts down global operations after likely ransomware attack (21 feb)
https://www.bleepingcomputer.com/news/security/expeditors-shuts-down-global-operations-after-likely-ransomware-attack/
”Vilka kompetenser och färdigheter söker Sveriges säkerhets- och försvarsföretag?” (22 feb)
https://soff.se/vara-fragor/cyberforsvar/cyberkompetens/
A New Cybersecurity “Social Contract” (22 feb)
https://www.schneier.com/blog/archives/2022/02/a-new-cybersecurity-social-contract.html
Asustor network storage devices are being hit by a nasty ransomware attack (22 feb)
https://www.theverge.com/2022/2/22/22945962/asustor-nas-deadbolt-ransomware-attack
A security technique to fool would-be cyber attackers (23 feb)
https://news.mit.edu/2022/cyber-security-attackers-0223
Många ransomware-offer betalar – men då vill utpressarna ha mer (23 feb)
https://computersweden.idg.se/2.2683/1.763016/manga-ransomware-offer-betalar–da-vill-utpressarna-ha-mer
Nästan 100 000 nya varianter av banktrojaner upptäcktes under 2021 (23 feb)
https://computersweden.idg.se/2.2683/1.763006/nastan-100-000-nya-varianter-av-banktrojaner-upptacktes-under-2021
Axis utsatta för cyberattack – ”svårt att säga när allt fungerar som vanligt” (23 feb)
https://computersweden.idg.se/2.2683/1.763033/axis-utsatta-for-cyberattack–storningar-i-flera-system
New Sandworm malware Cyclops Blink replaces VPNFilter (23 feb)
https://www.ncsc.gov.uk/news/joint-advisory-shows-new-sandworm-malware-cyclops-blink-replaces-vpnfilter
Dridex bots deliver Entropy ransomware in recent attacks (23 feb)
https://news.sophos.com/en-us/2022/02/23/dridex-bots-deliver-entropy-ransomware-in-recent-attacks/
Nasty new malware will seize control of your social media accounts (24 feb)
https://www.techradar.com/news/nasty-new-malware-will-seize-control-of-your-social-media-accounts
Ukraina
Preparing for and Mitigating Foreign Influence Operations Targeting Critical Infrastructure (20 feb)
https://www.cisa.gov/sites/default/files/publications/cisa_insight_mitigating_foreign_influence_508.pdf
Technical Analysis of the DDoS Attacks against Ukrainian Websites (20 feb)
https://www.cadosecurity.com/technical-analysis-of-the-ddos-attacks-against-ukrainian-websites/
Ukraine: EU deploys cyber rapid-response team (23 feb)
https://www.bbc.com/news/technology-60484979
FBI varnar för nya cyberattacker från Ryssland (23 feb)
https://www.nyteknik.se/sakerhet/fbi-varnar-for-nya-cyberattacker-fran-ryssland-7029170
Falska påståenden som hittills spridits under Ukrainakriget (24 feb)
https://www.dn.se/varlden/falska-pastaenden-som-hittills-spridits-under-ukrainakriget/
It-analytikern efter invasionen av Ukraina: ”Det kommer få gigantiska konsekvenser” (24 feb)
https://computersweden.idg.se/2.2683/1.763089/it-analytikern-chocksanker-prognosen-det-kommer-fa-gigantiska-konsekvenser
Ransomware used as decoy in data-wiping attacks on Ukraine (24 feb)
https://www.bleepingcomputer.com/news/security/ransomware-used-as-decoy-in-data-wiping-attacks-on-ukraine/
EU cyber-response team deployed (25 feb)
https://www.itsecurityguru.org/2022/02/23/eu-cyber-response-team-deployed/
Ukraine calls on hacker underground to defend against Russia (25 feb)
https://www.reuters.com/world/exclusive-ukraine-calls-hacker-underground-defend-against-russia-2022-02-24/
Putin Warns Russian Critical Infrastructure to Brace for Potential Cyber Attacks (25 feb)
https://thehackernews.com/2022/02/putin-warns-russian-critical.html
FAQ on cyber attacks related to invasion of Ukraine (25 feb)
https://blog.f-secure.com/faq-on-cyber-attacks-related-to-invasion-of-ukraine/
Informationssäkerhet och blandat
När ska vi börja ta it-säkerhet på allvar? (21 feb)
https://www.dn.se/ledare/isobel-hadley-kamptz-nar-ska-vi-borja-ta-it-sakerhet-pa-allvar/
Inte bara mejl – nu använder nätbedragare videomöten också (22 feb)
https://computersweden.idg.se/2.2683/1.762969/inte-bara-mejl–nu-anvander-natbedragare-videomoten-ocksa
DNA data of sexual assault victims exposed in breach at US laboratory (25 feb)
https://portswigger.net/daily-swig/dna-data-of-sexual-assault-victims-exposed-in-breach-at-us-laboratory
CERT-SE i veckan
De mest kritiska sårbarheterna under 2021 är fortsatt aktuella - se till att uppdatera nu