CERT-SE:s veckobrev v.13

Veckobrev

Det är inget skämt, att det är mycket som har hänt. Men undvik panik och spring, gör istället en it-säkerhetsutmaning.

Trevlig helg!

Nyheter i veckan

CISA Adds 66 Known Exploited Vulnerabilities to Catalog (25 mar)
https://www.cisa.gov/uscert/ncas/current-activity/2022/03/25/cisa-adds-66-known-exploited-vulnerabilities-catalog

Okta | Frequently Asked Questions Regarding the January 2022 Compromise (31 mar)
https://support.okta.com/help/s/article/Frequently-Asked-Questions-Regarding-January-2022-Compromise .. Okta acknowledges ‘mistake’ in handling of Lapsus$ attack (28 mar)
https://www.theregister.com/2022/03/28/okta_lapsuss_faq_admits_mistake/

Hacked WordPress sites force visitors to DDoS Ukrainian targets (28 mar)
https://www.bleepingcomputer.com/news/security/hacked-wordpress-sites-force-visitors-to-ddos-ukrainian-targets/

Ukraine war: Major internet provider suffers cyber-attack (29 mar)
https://www.bbc.com/news/60854881

Mitigating Attacks Against Uninterruptable Power Supply Devices (29 mar)
https://www.cisa.gov/uscert/ncas/current-activity/2022/03/29/mitigating-attacks-against-uninterruptable-power-supply-devices

Tracking cyber activity in Eastern Europe (30 mar)
https://blog.google/threat-analysis-group/tracking-cyber-activity-eastern-europe/

Ukraina förstör bot-fabriker som sprider desinformation bland befolkningen (30 mar)
https://computersweden.idg.se/2.2683/1.764435/ukraina-forstor-botfarmar-som-spred-desinformation-bland-befolkningen

Hive ransomware uses new ‘IPfuscation’ trick to hide payload (30 mar)
https://www.bleepingcomputer.com/news/security/hive-ransomware-uses-new-ipfuscation-trick-to-hide-payload/

Despite Arrests, LAPSUS$ Hacking Group Strikes Again, Hitting IT Supplier (30 mar)
https://uk.pcmag.com/security/139521/despite-arrests-lapsus-hacking-group-strikes-again-hitting-it-supplier

Uppgifter: Apple och Meta lämnade ut data till hackare – trodde det var polisen (31 mar)
https://computersweden.idg.se/2.2683/1.764545/uppgifter-apple-och-meta-lamnade-ut-data-till-hackare-trodde-det-var-polisen

Informationssäkerhet och blandat

EU och USA överens: Ska ta fram nya dataregler (25 mar)
https://www.svt.se/nyheter/inrikes/eu-och-usa-overens-ska-ta-fram-nya-dataregler

Estonian Cyber Security Council discusses strengthening of cyber defense in context of war (25 mar)
https://www.baltictimes.com/estonian_cyber_security_council_discusses_strengthening_of_cyber_defense_in_context_of_war/

The Rise of the Hacking Group LAPSUS$ (25 mar)
https://www.vice.com/en/article/wxdynm/the-rise-of-the-hacking-group-lapsusdollar

Among Us Servers Have Been Down For Over 48 Hours Due To DDoS Attack (27 mar)
https://kotaku.com/among-us-down-servers-ddos-update-innersloth-attack-sab-1848709508

Google outlines staggering scale of ‘abusive edits’ to its Maps app (28 mar)
https://www.trustedreviews.com/news/google-outlines-staggering-scale-of-abusive-edits-to-its-maps-app-4221260

Kalix kommundirektör prisades som årets mest inflytelserika inom tech på Tech Awards Sweden (28 mar)
https://www.aktuellsakerhet.se/kalix-kommundirektor-prisades-som-arets-mest-inflytelserika-pa-tech-awards-sweden/

Sverige titelförsvarare i cyberförsvarsövningen Locked Shields (29 mar)
https://www.forsvarsmakten.se/sv/aktuellt/2022/03/sverige-titelforsvarare-i-cyberforsvarsovningen-locked-shields/

Horde of miner bots and backdoors leveraged Log4J to attack VMware Horizon servers (29 mar)
https://news.sophos.com/en-us/2022/03/29/horde-of-miner-bots-and-backdoors-leveraged-log4j-to-attack-vmware-horizon-servers/

Debatt | Den värsta typen av cyberbrottslighet hittills? (30 mar)
https://www.aktuellsakerhet.se/den-varsta-typen-av-cyberbrottslighet-hittills/

A Sinister Way to Beat Multifactor Authentication Is on the Rise (30 mar)
https://www.wired.com/story/multifactor-authentication-prompt-bombing-on-the-rise/

Cyberförsvaret stärks – men alla svenskar uppmanas ta ansvar för säkerheten (31 mar)
https://computersweden.idg.se/2.2683/1.764570/cyberforsvaret-alla-ta-ansvar

FBI Releases PIN on Ransomware Straining Local Governments and Public Services (31 mar)
https://www.cisa.gov/uscert/ncas/current-activity/2022/03/31/fbi-releases-pin-ransomware-straining-local-governments-and-public

Säkerhetskopiering – den sista försvarslinjen mot cyberattacker (31 mar)
https://www.aktuellsakerhet.se/sakerhetskopiering-den-sista-forsvarslinjen-mot-cyberattacker/

Säkerhetspolisen 2021 | Sju hot och sårbarheter
https://www.sakerhetspolisen.se/publikationer/om-sakerhetspolisen/sakerhetspolisen-2021/sju-hot-och-sarbarheter.html

Capture The Flag | Har du vad som krävs?
https://www.undutmaning.se/

CERT-SE i veckan

Kritisk sårbarhet i Spring Framework

Flera fall av nätfiske - öka vaksamheten (Uppdaterad 2022-03-30)