CERT-SE's weekly newsletter, week 10

Weekly newsletter

Patch Tuesday is as much a given as CERT-SE's weekly newsletter on Fridays. We have therefore highlighted several critical vulnerabilities. See our publications at the bottom of the newsletter.

Exactly 70 years ago today, on 11 March 1952, Douglas Adams was born. Don't forget your towel!

Have a nice weekend!

News this week

Leaked stolen Nvidia key can sign Windows malware (5 mar)
https://www.theregister.com/2022/03/05/nvidia_stolen_certificate/

SharkBot Banking Malware Spreading via Fake Android Antivirus App on Google Play Store (6 mar)
https://thehackernews.com/2022/03/sharkbot-banking-malware-spreading-via.html

SATCOM terminals under attack in Europe: a plausible analysis. (7 mar)
https://www.reversemode.com/2022/03/satcom-terminals-under-attack-in-europe.html

FBI: Ransomware gang breached 52 US critical infrastructure orgs (7 mar)
https://www.bleepingcomputer.com/news/security/fbi-ransomware-gang-breached-52-us-critical-infrastructure-orgs/

FBI Releases Indicators of Compromise for RagnarLocker Ransomware (8 mar)
https://www.cisa.gov/uscert/ncas/current-activity/2022/03/08/fbi-releases-indicators-compromise-ragnarlocker-ransomware

Exceptionally many observations of GPS interference near the eastern border (9 mar)
https://www.traficom.fi/sv/aktuellt/exceptionellt-mycket-observationer-av-gps-storningar-i-narheten-av-ostgransen

Alleged hacker behind Kaseya ransomware attack extradited, arraigned in Texas (9 mar)
https://www.zdnet.com/article/alleged-hacker-behind-kaseya-ransomware-attack-extradited-arraigned-in-texas/

Suspect in the extortion attack that hit Coop deported to the USA (11 mar)
https://www.dn.se/sverige/misstankt-for-utpressningsattacken-som-drabbade-coop-utvisad-till-usa/

Mobile Malware is Surging in Europe: A Look at the Biggest Threats (9 mar)
https://www.proofpoint.com/us/blog/email-and-cloud-threats/mobile-malware-surging-europe-look-biggest-threats

Nearly 30% of critical WordPress plugin bugs don’t get a patch (9 mar)
https://www.bleepingcomputer.com/news/security/nearly-30-percent-of-critical-wordpress-plugin-bugs-dont-get-a-patch/

Threat advisory: Cybercriminals compromise users with malware disguised as pro-Ukraine cyber tools (9 mar)
https://blog.talosintelligence.com/2022/03/threat-advisory-cybercriminals.html

Where’s the Russia-Ukraine Cyberwar? (10 mar)
https://www.schneier.com/blog/archives/2022/03/wheres-the-russia-ukraine-cyberwar.html

Russia creates its own TLS certificate authority to bypass sanctions (10 mar)
https://www.bleepingcomputer.com/news/security/russia-creates-its-own-tls-certificate-authority-to-bypass-sanctions/

BDX hit by IT attack: Forced to work like in the 90s (11 mar)
https://sverigesradio.se/artikel/bdx-utsatt-for-it-attack-tvingas-jobba-som-pa-90-talet

Denial-of-service attacks

Swedish Migration Agency (Migrationsverket) hit by cyberattack (7 mar)
https://www.nyteknik.se/sakerhet/migrationsverket-drabbades-av-cyberangrepp-7029846

Authority confirms: Denial-of-service attack against several public websites – the sites are now working again (8 mar)
https://svenska.yle.fi/artikel/2019/08/22/myndighet-bekraftar-overbelastningsattack-mot-flera-offentliga-webbplatser

Intelligence chief: MSB subjected to cyberattack (10 mar)
https://sverigesradio.se/artikel/msb-utsatt-for-cyberattack

Information security and miscellaneous

NSA Releases Network Infrastructure Security Guidance (3 mar)
https://www.cisa.gov/uscert/ncas/current-activity/2022/03/03/nsa-releases-network-infrastructure-security-guidance

10 Recommendations To Prepare for an Escalating Cyber Conflict (7 mar)
https://www.truesec.com/hub/blog/10-recommendations-to-prepare-for-an-escalating-cyber-conflict

Bugs in Hello World (8 mar)
https://blog.sunfishcode.online/bugs-in-hello-world/

Emotet Redux (8 mar)
https://blog.lumen.com/emotet-redux/

CERT-EU Security Guidance 22-001 | Cybersecurity mitigation measures against critical threats
https://media.cert.europa.eu/static/WhitePapers/TLP-WHITE-CERT-EU_Security_Guidance-22-001_v1_0.pdf

Consumers don’t think they can dodge identity fraud (11 mar)
https://www.helpnetsecurity.com/2022/03/11/smartphone-users-identity-fraud/

ISO 27002:2022: Unpacking the InfoSec Management Standard (11 mar)
https://www.govinfosecurity.com/interviews/iso-270022022-unpacking-infosec-management-standard-i-5035

Ransomware considered top threat to financial sector (11 mar)
https://itsecuritywire.com/news/ransomware-considered-top-threat-to-financial-sector/

CERT-SE this week

Several critical vulnerabilities in SAP products

Microsoft's monthly security updates for March 2022

Vulnerability in the Linux kernel

Critical vulnerabilities in PTC Axeda (updated)