CERT-SE:s veckobrev v.10
Lika givet som CERT-SE:s veckobrev på fredagar är Patch-Tuesday. Vi har därmed uppmärksammat flera kritiska sårbarheter. Se våra publiceringar längst ner i veckobrevet.
I dag för precis 70 år sedan, den 11 mars 1952, föds Douglas Adams. Glöm inte din handduk!
Trevlig helg!
Nyheter i veckan
Leaked stolen Nvidia key can sign Windows malware (5 mar)
https://www.theregister.com/2022/03/05/nvidia_stolen_certificate/
SharkBot Banking Malware Spreading via Fake Android Antivirus App on Google Play Store (6 mar)
https://thehackernews.com/2022/03/sharkbot-banking-malware-spreading-via.html
SATCOM terminals under attack in Europe: a plausible analysis. (7 mar)
https://www.reversemode.com/2022/03/satcom-terminals-under-attack-in-europe.html
FBI: Ransomware gang breached 52 US critical infrastructure orgs (7 mar)
https://www.bleepingcomputer.com/news/security/fbi-ransomware-gang-breached-52-us-critical-infrastructure-orgs/
FBI Releases Indicators of Compromise for RagnarLocker Ransomware (8 mar)
https://www.cisa.gov/uscert/ncas/current-activity/2022/03/08/fbi-releases-indicators-compromise-ragnarlocker-ransomware
Exceptionellt mycket observationer av GPS-störningar i närheten av östgränsen (9 mar)
https://www.traficom.fi/sv/aktuellt/exceptionellt-mycket-observationer-av-gps-storningar-i-narheten-av-ostgransen
Alleged hacker behind Kaseya ransomware attack extradited, arraigned in Texas (9 mar)
https://www.zdnet.com/article/alleged-hacker-behind-kaseya-ransomware-attack-extradited-arraigned-in-texas/
Misstänkt för utpressningsattacken som drabbade Coop utvisad till USA (11 mar)
https://www.dn.se/sverige/misstankt-for-utpressningsattacken-som-drabbade-coop-utvisad-till-usa/
Mobile Malware is Surging in Europe: A Look at the Biggest Threats (9 mar)
https://www.proofpoint.com/us/blog/email-and-cloud-threats/mobile-malware-surging-europe-look-biggest-threats
Nearly 30% of critical WordPress plugin bugs don’t get a patch (9 mar)
https://www.bleepingcomputer.com/news/security/nearly-30-percent-of-critical-wordpress-plugin-bugs-dont-get-a-patch/
Threat advisory: Cybercriminals compromise users with malware disguised as pro-Ukraine cyber tools (9 mar)
https://blog.talosintelligence.com/2022/03/threat-advisory-cybercriminals.html
Where’s the Russia-Ukraine Cyberwar? (10 mar)
https://www.schneier.com/blog/archives/2022/03/wheres-the-russia-ukraine-cyberwar.html
Russia creates its own TLS certificate authority to bypass sanctions (10 mar)
https://www.bleepingcomputer.com/news/security/russia-creates-its-own-tls-certificate-authority-to-bypass-sanctions/
BDX utsatt för IT-attack: Tvingas jobba som på 90-talet (11 mar)
https://sverigesradio.se/artikel/bdx-utsatt-for-it-attack-tvingas-jobba-som-pa-90-talet
Överbelastningsattacker
Migrationsverket drabbades av cyberangrepp (7 mar)
https://www.nyteknik.se/sakerhet/migrationsverket-drabbades-av-cyberangrepp-7029846
Myndighet bekräftar: Överbelastningsattack mot flera offentliga webbplatser – sajterna fungerar nu igen (8 mar)
https://svenska.yle.fi/artikel/2019/08/22/myndighet-bekraftar-overbelastningsattack-mot-flera-offentliga-webbplatser
Underrättelsechefen: MSB utsatt för cyberattack (10 mar)
https://sverigesradio.se/artikel/msb-utsatt-for-cyberattack
Informationssäkerhet och blandat
NSA Releases Network Infrastructure Security Guidance (3 mar)
https://www.cisa.gov/uscert/ncas/current-activity/2022/03/03/nsa-releases-network-infrastructure-security-guidance
10 Recommendations To Prepare for an Escalating Cyber Conflict (7 mar)
https://www.truesec.com/hub/blog/10-recommendations-to-prepare-for-an-escalating-cyber-conflict
Bugs in Hello World (8 mar)
https://blog.sunfishcode.online/bugs-in-hello-world/
Emotet Redux (8 mar)
https://blog.lumen.com/emotet-redux/
CERT-EU Security Guidance 22-001 | Cybersecurity mitigation measures against critical threats
https://media.cert.europa.eu/static/WhitePapers/TLP-WHITE-CERT-EU_Security_Guidance-22-001_v1_0.pdf
Consumers don’t think they can dodge identity fraud (11 mar)
https://www.helpnetsecurity.com/2022/03/11/smartphone-users-identity-fraud/
ISO 27002:2022: Unpacking the InfoSec Management Standard (11 mar)
https://www.govinfosecurity.com/interviews/iso-270022022-unpacking-infosec-management-standard-i-5035
Ransomware considered top threat to financial sector (11 mar)
https://itsecuritywire.com/news/ransomware-considered-top-threat-to-financial-sector/
CERT-SE i veckan
Flera kritiska sårbarheter i SAP-produkter