CERT-SE's weekly newsletter, week 20

Weekly newsletter

In connection with the state visit earlier this week, the Swedish royal couple and a delegation from Finland, consisting of ministers and the president's wife, visited MSB to get a better picture of how Swedish-Finnish cooperation on crisis preparedness works. Among other things, representatives from CERT-SE had the opportunity to give an insight into how the operational handling of IT incidents is carried out. You can read about this and much more in the newsletter below.

CERT-SE wishes you a pleasant weekend!

News this week

Putting staff welfare at the heart of incident response (10 May)
https://www.ncsc.gov.uk/guidance/putting-staff-welfare-at-the-heart-of-incident-response

Ransomware group strikes second U.S. health care system in the last two months (13 May)
https://www.cyberscoop.com/ransomware-us-hospital-system-healthcare/

Cyber experts join campaign to keep women safe from abusers (15 May)
https://www.irishexaminer.com/news/arid-40872620.html

Italy prevents pro-Russian hacker attacks during Eurovision contest (15 May)
https://www.reuters.com/world/europe/italian-police-prevents-pro-russian-hacker-attacks-during-eurovision-contest-2022-05-15/

CISA warns not to install May Windows updates on domain controllers (16 May)
https://www.bleepingcomputer.com/news/security/cisa-warns-not-to-install-may-windows-updates-on-domain-controllers/

Researchers warn of APTs, data leaks as serious threats against UK financial sector (16 May)
https://www.zdnet.com/article/researchers-warn-of-apts-data-leaks-as-serious-threats-against-uk-financial-sector/

Police alert: Fraudsters strike with fake Swish app (17 May)
https://sverigesradio.se/artikel/polisen-varnar-for-bedragerier-med-falsk-swish-app

Emotet is the most common malware (17 May)
https://www.helpnetsecurity.com/2022/05/17/emotet-detections-q1-2022/

Sysrv-K Botnet Targets Windows, Linux (17 May)
https://threatpost.com/sysrv-k-botnet-targets-windows-linux/179646/

How Mobile Networks Have Become a Front in the Battle for Ukraine (17 May)
https://www.darkreading.com/attacks-breaches/how-mobile-networks-have-become-a-front-in-the-battle-for-ukraine

When Your Smart ID Card Reader Comes With Malware (17 May)
https://krebsonsecurity.com/2022/05/when-your-smart-id-card-reader-comes-with-malware/

Long lost @ symbol gets new life obscuring malicious URLs (17 May)
https://blog.malwarebytes.com/social-engineering/2022/05/long-lost-symbol-gets-new-life-obscuring-malicious-urls/

The royal couple and a Finnish delegation visited MSB (18 May)
https://www.msb.se/sv/aktuellt/nyheter/2022/maj/kungaparet-och-finsk-delegation-besokte-msb/

“Digital task force” to protect Estonia from cyberattacks (18 May)
https://www.svt.se/nyheter/utrikes/sa-rustar-estland-mot-cyberattacker

NCSC advisory highlights poor security configurations (18 May)
https://channellife.co.nz/story/ncsc-advisory-highlights-poor-security-configurations

Wizard Spider hackers hire cold callers to scare ransomware victims into paying up (18 May)
https://www.zdnet.com/article/wizard-spider-hacking-group-hires-cold-callers-to-scare-ransomware-victims-into-paying-up/

The Vulnerable Maritime Supply Chain - a Threat to the Global Economy (18 May)
https://www.securityweek.com/vulnerable-maritime-supply-chain-threat-global-economy

MITRE Creates Framework for Supply Chain Security (18 May)
https://www.darkreading.com/application-security/mitre-creates-framework-for-supply-chain-security

Water companies are increasingly uninsurable due to ransomware, industry execs say (18 May)
https://www.cyberscoop.com/water-industry-ransomware-insurance/

Conti ransomware shuts down operation, rebrands into smaller units (19 May)
https://www.bleepingcomputer.com/news/security/conti-ransomware-shuts-down-operation-rebrands-into-smaller-units/

Bumblebee Malware from TransferXL URLs (19 May)
https://isc.sans.edu/diary/rss/28664

Media giant Nikkei’s Asian unit hit by ransomware attack (19 May)
https://www.bleepingcomputer.com/news/security/media-giant-nikkei-s-asian-unit-hit-by-ransomware-attack/

Information security and miscellaneous

Your social media account hasn’t been hacked, it’s been cloned! (17 May)
https://www.tripwire.com/state-of-security/security-data-protection/social-media-account-hasnt-been-hacked-its-been-cloned/

Europe moves closer to stricter cybersecurity standards, reporting regs (17 May)
https://www.theregister.com/2022/05/17/europe_nis2_cybersecurity_regulations/

CERT-SE this week

Critical vulnerabilities in VMware products