CERT-SE:s veckobrev v.15
Efter en kort vecka kommer här ett lite kortare veckobrev med gott och blandat. CERT-SE vill också passa på att önska trevlig helg och, i tidens tecken, bjuda på lite hexkonster:
47 6c 61 64 20 70 e5 73 6b 21
Nyheter i veckan
No Log4j, But Spring4Shell Exploitation Attempts Increase (8 apr)
https://www.databreachtoday.co.uk/no-log4j-but-spring4shell-exploitation-attempts-increase-a-18869
Attackers exploit Spring4Shell flaw to let loose the Mirai botnet (11 apr)
https://www.theregister.com/2022/04/11/spring4shell-flaw-exploited-mirai-botnet/
Finnish govt websites knocked down as Ukraine President addresses MPs (9 apr)
https://www.theregister.com/2022/04/09/dos_attacks_finland_russia/
Hackers use Conti’s leaked ransomware to attack Russian companies (9 apr)
https://www.bleepingcomputer.com/news/security/hackers-use-contis-leaked-ransomware-to-attack-russian-companies/
Exclusive: Senior EU officials were targeted with Israeli spyware (11 apr)
https://www.reuters.com/technology/exclusive-senior-eu-officials-were-targeted-with-israeli-spyware-sources-2022-04-11/
The Tricky Aftermath of Source Code Leaks (11 apr)
https://www.wired.com/story/source-code-leak-dangers/
Third npm protestware: ‘event-source-polyfill’ calls Russia out (11 apr)
https://www.bleepingcomputer.com/news/security/third-npm-protestware-event-source-polyfill-calls-russia-out/
Skånes Kommuner utsatta för ransomware-attack (11 apr)
https://skåneskommuner.se/news/skanes-kommuner-utsatta-for-ransomware-attack/
RuRansom – A Retaliatory Wiper (12 apr)
https://blogs.vmware.com/security/2022/04/ruransom-a-retaliatory-wiper.html
Ukraine says it thwarted Russian cyberattack on electricity grid (12 apr)
https://www.reuters.com/world/europe/russian-hackers-tried-sabotage-ukrainian-power-grid-officials-researchers-2022-04-12/
Industroyer2: Industroyer reloaded (12 apr)
https://www.welivesecurity.com/2022/04/12/industroyer2-industroyer-reloaded/
One of the world’s biggest hacker forums taken down (12 apr)
https://www.europol.europa.eu/media-press/newsroom/news/one-of-world%E2%80%99s-biggest-hacker-forums-taken-down
Polisen: Svensk man gripen – efter tillslag mot ett av världens största hackerforum (13 apr)
https://www.svt.se/nyheter/svensk-man-gripen-efter-nyckelroll-i-ett-av-varldens-storsta-hackerforum
APT Cyber Tools Targeting ICS/SCADA Devices (13 apr)
https://www.cisa.gov/uscert/ncas/alerts/aa22-103a
Microsoft disrupts Zloader malware in global operation (13 apr)
https://www.bleepingcomputer.com/news/security/microsoft-disrupts-zloader-malware-in-global-operation/
Informationssäkerhet och blandat
Security Nihilism Is Putting Your Company — and Its Employees — at Risk (8 apr)
https://www.darkreading.com/vulnerabilities-threats/security-nihilism-is-putting-your-company-and-its-employees-at-risk
IAM Your Defense Against Cloud Threats: The Latest Unit 42 Cloud Threat Research (12 apr)
https://unit42.paloaltonetworks.com/iam-cloud-threat-research/
Synopsys Study Highlights Challenges with Managing Open Source Risk in Software Supply Chains (14 apr)
https://www.eetasia.com/synopsys-study-highlights-challenges-with-managing-open-source-risk-in-software-supply-chains/
OPEN SOURCE SECURITY AND RISK ANALYSIS REPORT
https://www.synopsys.com/software-integrity/resources/analyst-reports/open-source-security-risk-analysis.html
Known Exploited Vulnerabilities Catalog
https://www.cisa.gov/known-exploited-vulnerabilities-catalog