CERT-SE's weekly newsletter, week 36

Weekly newsletter

It has been an eventful week in IT security, both nationally and internationally. Here you will find assorted news and posts from the past week.

Have a nice weekend!

News this week

Toronto school board confirms students’ info stolen as LockBit claims breach (30 aug) https://therecord.media/toronto-school-district-board-ransomware

Researcher sued for sharing data stolen by ransomware with media (30 aug) https://www.bleepingcomputer.com/news/security/researcher-sued-for-sharing-data-stolen-by-ransomware-with-media/

Check your IP cameras: There’s a new Mirai botnet on the rise (31 aug) https://www.theregister.com/2024/08/31/ip_cameras_mirai_botnet/

Linux version of new Cicada ransomware targets VMware ESXi servers (1 sep) https://www.bleepingcomputer.com/news/security/cicada3301-ransomwares-linux-encryptor-targets-vmware-esxi-systems/

German air traffic control agency confirms cyberattack, says operations unaffected (2 sep) https://therecord.media/german-air-traffic-control-company-deutsche-flugsicherung-cyberattack

Few Swedish companies have a well-thought-out strategy for AI (2 sep) https://computersweden.se/article/3499748/fa-svenska-foretag-har-en-genomtankt-strategi-for-ai.html

Transport for London (TfL) is dealing with an ongoing cyberattack (2 sep) https://securityaffairs.com/167946/hacking/transport-for-london-tfl-ongoing-cyberattack.html

Säkerhetskollen: Warning about crypto fraud (2 sep) https://sakerhetskollen.se/aktuella-brott/varning-for-kryptobedrageri

Ransomware Gangs Pummel Southeast Asia (2 sep) https://www.darkreading.com/cyber-risk/ransomware-gangs-pummel-southeast-asia

Ex-Engineer Charged in Missouri for Failed $750,000 Bitcoin Extortion Attempt (3 sep) https://thehackernews.com/2024/09/ex-engineer-charged-in-missouri-for.html

Oil titan Halliburton confirms data was stolen in cyberattack (3 sep) https://therecord.media/halliburton-confirms-data-stolen-in-incident

The government isn’t ready for cyber chaos in the food and agriculture sector (3 sep) https://therecord.media/government-is-not-ready-for-food-agriculture-cybersecurity-usda

YubiKeys are vulnerable to cloning attacks thanks to newly discovered side channel (3 sep) https://arstechnica.com/security/2024/09/yubikeys-are-vulnerable-to-cloning-attacks-thanks-to-newly-discovered-side-channel/

Clearview AI Faces €30.5M Fine for Building Illegal Facial Recognition Database (4 sep) https://thehackernews.com/2024/09/clearview-ai-faces-305m-fine-for.html

Ängelholm municipality invests in crime prevention work in the digital environment (4 sep) https://www.aktuellsakerhet.se/angelholm-kommun-satsar-pa-brottsforebyggande-arbete-i-den-digitala-miljon/

Cyberattack confirmed by Planned Parenthood of Montana amid RansomHub claims (5 sep) https://www.scmagazine.com/brief/cyberattack-confirmed-by-planned-parenthood-of-montana-amid-ransomhub-claims

Summer and sun: that is when Swedes surf the most (5 sep) https://computersweden.se/article/3505465/sommar-och-sol-da-surfar-svenskarna-som-mest.html

Three Billion Packets Per Second DDoS Attack Stopped (5 sep) https://insight.scmagazineuk.com/three-billion-packets-per-second-ddos-attack-stopped

Elektroskandia hacked, central warehouse in Örebro affected (5 sep) https://www.svt.se/nyheter/lokalt/orebro/elektroskandia-hackade-centrallagret-i-orebro-paverkat

Pavel Durov Criticizes Outdated Laws After Arrest Over Telegram Criminal Activity (6 sep) https://thehackernews.com/2024/09/paul-durov-criticizes-outdated-laws.html

Reports and in-depth articles

State-backed attackers and commercial surveillance vendors repeatedly use the same exploits (29 aug) https://blog.google/threat-analysis-group/state-backed-attackers-and-commercial-surveillance-vendors-repeatedly-use-the-same-exploits/

Dissecting the Cicada (30 aug) https://www.truesec.com/hub/blog/dissecting-the-cicada

Spoofed GlobalProtect Used to Deliver Unique WikiLoader Variant (2 sep) https://unit42.paloaltonetworks.com/global-protect-vpn-spoof-distributes-wikiloader/

CERT-EU Threat Intelligence: Cyber Brief August 2024 (4 sep) https://www.cert.europa.eu/publications/threat-intelligence/cb24-09/

Getting “in tune” with an enterprise: Detecting Intune lateral movement (4 sep) https://securityintelligence.com/x-force/detecting-intune-lateral-movement/

SANS: Enrichment Data - Keeping it Fresh (5 sep) https://isc.sans.edu/diary/Enrichment%20Data%3A%20Keeping%20it%20Fresh/31236

Information security and miscellaneous

Connected Communities Guidance: Zero Trust to Protect Interconnected Systems (29 aug) https://www.cisa.gov/resources-tools/resources/connected-communities-guidance-zero-trust-protect-interconnected-systems

International Sudoku Day 9 September: No Such Puzzle - Bite-sized Sudoku (31 aug) https://www.nsa.gov/Puzzles/View/Article/3891254/no-such-puzzle-bite-sized-sudoku/

Digital twins: secure design and development (2 sep) https://www.ncsc.gov.uk/blog-post/digital-twins-secure-design-development

Here are the Public Health Agency of Sweden's new recommendations on children's screen time (2 sep) https://www.svt.se/nyheter/inrikes/ungas-skarmanvandning-kan-skada-halsan-nu-foreslas-rekommendationer

White House Office of the National Cyber Director Releases Roadmap to Enhance Internet Routing Security (3 sep) https://www.whitehouse.gov/oncd/briefing-room/2024/09/03/press-release-white-house-office-of-the-national-cyber-director-releases-roadmap-to-enhance-internet-routing-security/

Trust in biometrics is increasing: one in three Swedes wants to unlock everything with a fingerprint (4 sep) https://www.aktuellsakerhet.se/fortroendet-for-biometri-okar-var-tredje-svensk-vill-lasa-upp-allt-med-fingeravtryck/

CERT-SE this week

Critical vulnerability in Zyxel products (3 sep) https://www.cert.se/2024/09/kritisk-sarbarhet-i-zyxel-produkter.html