CERT-SE:s veckobrev v.42
Denna vecka uppmärksammar vi bland annat att MSB publicerat en vägledning för säkerhet i informationssystem, samt även en termbank för informationssäkerhet.
Vi påminner också om att det är hög tid att anta CERT-SE:s CTF-utmaning! Sista dag att inkomma med svar är den 31 oktober. Se https://www.cert.se/2022/09/cert-se-ctf2022 för vidare information.
Nyheter i veckan
Google Translate is being hijacked by phishers to steal your data (14 okt)
https://www.techradar.com/news/google-translate-is-being-hijacked-by-phishers-to-steal-your-data
CISA Releases RedEye: Red Team Campaign Visualization and Reporting Tool (14 okt)
https://www.cisa.gov/uscert/ncas/current-activity/2022/10/14/cisa-releases-redeye-red-team-campaign-visualization-and-reporting
Concerns Over Fortinet Flaw Mount; PoC Released, Exploit Activity Grows (14 okt)
https://www.darkreading.com/attacks-breaches/concerns-fortinet-flaw-poc-increased-exploit-activity
Microsoft Office 365 email encryption could expose message content (14 okt)
https://www.bleepingcomputer.com/news/security/microsoft-office-365-email-encryption-could-expose-message-content/
Threat actors hacked hundreds of servers by exploiting Zimbra CVE-2022-41352 bug (16 okt)
https://securityaffairs.co/wordpress/137164/apt/zimbra-cve-2022-41352-exploitation.html
Venus Ransomware targets publicly exposed Remote Desktop services (16 okt)
https://www.bleepingcomputer.com/news/security/venus-ransomware-targets-publicly-exposed-remote-desktop-services/
Police dismantles criminal ring that hacked keyless cars (17 okt)
https://www.bleepingcomputer.com/news/security/police-dismantles-criminal-ring-that-hacked-keyless-cars/
Naturvårdsverkets IT-system öppnar (17 okt)
https://www.naturvardsverket.se/om-oss/aktuellt/nyheter-och-pressmeddelanden/naturvardsverkets-it-system-oppnar/
Så upptäcker ni bakdörrar i IT-system (18 okt)
https://kryptera.se/sa-upptacker-ni-bakdorrar-i-it-system/
Why Log4Text is not another Log4Shell (19 okt)
https://www.malwarebytes.com/blog/news/2022/10/why-log4text-is-not-another-log4shell
Nya uppgifter i Vklass-läckan: Personuppgifter spreds från elevkonto (20 okt)
https://www.svt.se/nyheter/lokalt/vast/nya-uppgifter-personuppgifter-lacktes-fran-elevkonto
Check Point Research analyzes the newly emerged Black Basta Ransomware, alerts organizations to adopt prevention best practices (20 okt)
https://blog.checkpoint.com/2022/10/20/check-point-research-analyzes-the-newly-emerged-black-basta-ransomware-alerts-organizations-to-adopt-prevention-best-practices/
Good news, URSNIF no longer a banking trojan. Bad news, it’s now a backdoor (21 okt)
https://www.theregister.com/2022/10/21/ursnif_trojan_shift_ransomware/
Informationssäkerhet och blandat
Vägledning : säkerhetsåtgärder i informationssystem
https://www.msb.se/sv/publikationer/vagledning–sakerhetsatgarder-i-informationssystem/
White House readies new cyber regulation rollouts (14 okt)
https://www.axios.com/2022/10/14/white-house-cyber-regulations
Infosec still (mostly) a boys club (15 okt)
https://www.theregister.com/2022/10/15/infosec_boys_club/
Mysterious Prestige ransomware targets organizations in Ukraine and Poland (16 okt)
https://securityaffairs.co/wordpress/137203/apt/prestige-ransomware-targets-ukraine.html
Ny rapport: Cybersäkerhet för ökad konkurrenskraft (17 okt)
https://www.iva.se/publicerat/ny-rapport-cybersakerhet-for-okad-konkurrenskraft/
Granskningar visar brister i Västerbottens IT-säkerhet (17 okt)
https://lakartidningen.se/aktuellt/nyheter/2022/10/granskningar-visar-brister-i-vasterbottens-it-sakerhet/
An Acquisition Security Framework for Supply Chain Risk Management (17 okt)
https://insights.sei.cmu.edu/blog/an-acquisition-security-framework-for-supply-chain-risk-management/
Police tricked a ransomware gang into handing over its decryption keys. Here’s how they did it (17 okt)
https://www.zdnet.com/article/police-tricked-a-ransomware-gang-into-handing-over-its-decryption-keys-heres-how-they-did-it
UK government in talks with datacenter operators over blackouts (18 okt)
https://www.theregister.com/2022/10/18/uk_government_in_talks_with/
Germany fires cybersecurity chief ‘over Russia ties’ (19 okt)
https://www.bbc.com/news/world-europe-63301864
Ny termbank för informationssäkerhet (19 okt)
https://www.msb.se/sv/aktuellt/nyheter/2022/oktober/ny-termbank-for-informationssakerhet/
Internet connectivity worldwide impacted by severed fiber cables in France (20 okt)
https://www.bleepingcomputer.com/news/technology/internet-connectivity-worldwide-impacted-by-severed-fiber-cables-in-france/
CERT-SE i veckan
Oracles kvartalsvisa säkerhetsuppdatering för oktober 2022Kritisk sårbarhet i Apache Commons Text (uppdaterad 2022-10-18)