AKTUELLA meddelanden

SecuureIT hjälper samhälle, företag och organisationer att säkra upp system, Internet och kommunikation inför framtida och nutida hot. Vi verkar för frihet, transparens och säkerhet. Vi hämtar våra viktiga säkerhetsmeddelanden från CERT-SE.

Om CERT-SE
CERT-SE är Sveriges nationella CSIRT (Computer Security Incident Response Team) med uppgift att stödja samhället i arbetet med att hantera och förebygga it-incidenter. Verksamheten bedrivs vid Myndigheten för samhällsskydd och beredskap (MSB).

CERT-SE:s veckobrev v.6

Ni missade väl inte Safer Internet Day i tisdags? Dagen som syftar till att göra internet lite säkrare, lite bättre, arrangerades i år för tjugonde gången i ordningen. På webbplatsen och i andra kanaler finns bra tips för både unga och lite mindre unga surfare. Vi påminner om våra artiklar om nätfiske och överbelastningsangrepp. Trevlig helg önskar CERT-SE!

Nyheter i veckan

6 Ransomware Trends & Evolutions For 2023 (2 feb)
https://www.trendmicro.com/en_us/ciso/23/b/ransomware-trends-evolutions-2023.html

Cyberthreats facing UK finance sector ”a national security threat” (3 feb)
https://www.malwarebytes.com/blog/news/2023/02/financials-are-facing-an-unprecedented-number-of-cybersecurity-threats

Cybersecurity Snapshot: As ChatGPT Fire Rages, NIST Issues AI Security Guidance (3 feb)
https://www.tenable.com/blog/cybersecurity-snapshot-as-chatgpt-fire-rages-nist-issues-ai-security-guidance

Until further notice, think twice before using Google to download software (3 feb)
https://arstechnica.com/information-technology/2023/02/until-further-notice-think-twice-before-using-google-to-download-software/

NY attorney general forces spyware vendor to alert victims (4 feb)
https://www.bleepingcomputer.com/news/security/ny-attorney-general-forces-spyware-vendor-to-alert-victims/

Finland’s Most-Wanted Hacker Nabbed in France (5 feb)
https://krebsonsecurity.com/2023/02/finlands-most-wanted-hacker-nabbed-in-france/

Feltänkta OT-produkter har massor av inbyggda säkerhetsrisker (6 feb)
https://computersweden.idg.se/2.2683/1.771156/feltankta-ot-produkter-har-massor-av-inbyggda-sakerhetsrisker

Vulnerabilities and exposures to rise to 1,900 a month in 2023: Coalition (6 feb)
https://www.csoonline.com/article/3687137/vulnerabilities-and-exposures-to-rise-to-1-900-a-month-in-2023-coalition.html
—
Cyber Threat Index 2023
https://info.coalitioninc.com/rs/566-KWJ-784/images/Coalition_Cyber-Threat-Index-2023.pdf

British steel industry supplier Vesuvius ‘currently managing cyber incident’ (6 feb)
https://therecord.media/vesuvius-plc-cyber-incident-steel-industry-supplier/
—
Vesuvius plc: Statement on cyber security incident (6 feb)
https://www.londonstockexchange.com/news-article/VSVS/cyber-security-incident/15824555

Major Florida Hospital Shuts Down Networks, Ransomware Attack Suspected (6 feb)
https://www.infosecurity-magazine.com/news/major-florida-hospital-shuts/

EU lawmakers aim for common position on draft AI rules by early March (6 feb)
https://www.reuters.com/technology/eu-lawmakers-aim-common-position-draft-ai-rules-by-early-march-2023-02-06/

Pupils across the UK crowned champions of the NCSC cyber contest for girls (6 feb)
https://www.ncsc.gov.uk/news/pupils-across-the-uk-crowned-champions-of-the-ncsc-cyber-contest-for-girls

New strike against encrypted criminal communications with dismantling of Exclu tool (6 feb)
https://www.eurojust.europa.eu/news/new-strike-against-encrypted-criminal-communications-dismantling-exclu-tool
—
Eurocops shut down Exclu encrypted messaging app, arrest dozens (7 feb)
https://www.theregister.com/2023/02/07/police_exclu_encrypted/

Anonymous leaked 128GB of data stolen from Russian ISP Convex revealing FSB’s warrantless surveillance (7 feb)
https://securityaffairs.com/141888/hacktivism/anonymous-fsb-surveillance.html

This notorious ransomware has now found a new target (7 feb)
https://www.zdnet.com/article/this-notorious-ransomware-is-now-targeting-linux-systems-too

OpenSSH addressed a new pre-auth double free vulnerability (7 feb)
https://securityaffairs.com/141907/hacking/openssh-pre-auth-double-free-bug.html

After Hive takedown, could the LockBit ransomware crew be the next to fall? (7 feb)
https://cyberscoop.com/lockbit-ransomware-crew-law-enforcement-hive/

Retail Sector Ransomware Attacks Grow by 67% in 2022 (7 feb)
https://www.blackfog.com/retail-sector-ransomware-attacks-2022/

Linux Variant of Clop Ransomware Spotted, But Uses Faulty Encryption Algorithm (7 feb)
https://thehackernews.com/2023/02/linux-variant-of-clop-ransomware.html
—
Cl0p Ransomware Targets Linux Systems with Flawed Encryption | Decryptor Available (7 feb)
https://www.sentinelone.com/labs/cl0p-ransomware-targets-linux-systems-with-flawed-encryption-decryptor-available/

NIST Selects ‘Lightweight Cryptography’ Algorithms to Protect Small Devices (7 feb)
https://www.nist.gov/news-events/news/2023/02/nist-selects-lightweight-cryptography-algorithms-protect-small-devices

Malware delivery through Microsoft OneNote files is growing in a post-macro world (7 feb)
https://www.techspot.com/news/97514-malware-delivery-through-microsoft-onenote-files-growing-post.html

Cybercriminals Bypass ChatGPT Restrictions to Generate Malicious Content (7 feb)
https://blog.checkpoint.com/2023/02/07/cybercriminals-bypass-chatgpt-restrictions-to-generate-malicious-content/

CISA says Killnet DDoS attacks on U.S. hospitals had little effect (7 feb)
https://therecord.media/ddos-hospitals-cisa-killnet-limited-effects/

Happy Safer Internet Day 2023! (7 feb)
https://www.saferinternetday.org/news/article?id=7043422
—
Saferinternetday – Bletchley Park’s top tips – part one (8 feb)
https://youtu.be/IYyywut-rrs

ION brings clients back online after ransomware attack – source (8 feb)
https://www.reuters.com/technology/ion-starts-bring-clients-back-online-after-ransomware-attack-source-2023-02-07/

Singapore hit by growing cybercrimes, clocks $501M in losses from scams (8 feb)
https://www.zdnet.com/article/singapore-hit-by-growing-cybercrimes-clocks-501m-in-losses-from-scams/

A Detailed Analysis of a New Stealer Called Stealerium (8 feb)
https://resources.securityscorecard.com/research/stealerium-detailed-analysis

2023 Security Report: Cyberattacks reach an all-time high in response to geo-political conflict, and the rise of ‘disruption and destruction’ malware (8 feb)
https://research.checkpoint.com/2023/2023-security-report-cyberattacks-reach-an-all-time-high-in-response-to-geo-political-conflict-and-the-rise-of-disruption-and-destruction-malware/

Tor and I2P networks hit by wave of ongoing DDoS attacks (8 feb)
https://www.bleepingcomputer.com/news/security/tor-and-i2p-networks-hit-by-wave-of-ongoing-ddos-attacks/

Drug distributor AmerisourceBergen confirms security breach (8 feb)
https://www.bleepingcomputer.com/news/security/drug-distributor-amerisourcebergen-confirms-security-breach/

Ransomware review: February 2023 (8 feb)
https://www.malwarebytes.com/blog/business/2023/02/ransomware-in-february-2023

Healthcare Industry Was the Most Common Victim of Third-Party Breaches in 2022 (8 feb)
https://circleid.com/posts/20230208-healthcare-industry-was-the-most-common-victim-of-third-party-breaches-in-2022

Stort intresse för Cyber Challenge 2023 (9 feb)
https://www.ncsc.se/aktuellt/stort-intresse-for-cyber-challenge-2023/

Hackers breach Reddit to steal source code and internal data (9 feb)
https://www.bleepingcomputer.com/news/security/hackers-breach-reddit-to-steal-source-code-and-internal-data/

Critical Infrastructure at Risk from New Vulnerabilities Found in Wireless IIoT Devices (9 feb)
https://thehackernews.com/2023/02/critical-infrastructure-at-risk-from.html

ESXiArgs ransomware

Ransomware scum launch wave of attacks on critical, but old, VMWare ESXi vuln (6 feb)
https://www.theregister.com/2023/02/06/esxi_ransomware_campaign/

No evidence global ransomware hack was by state entity, Italy says (6 feb)
https://www.reuters.com/technology/italys-govt-global-cyber-attack-did-not-come-state-entity-2023-02-06/

ESXi ransomware campaign strikes Florida Supreme Court, worldwide universities (8 feb)
https://www.itpro.com/security/cyber-attacks/370034/esxi-ransomware-florida-supreme-court-worldwide-universities

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) released a script to recover VMware ESXi servers infected with ESXiArgs ransomware (8 feb)
https://securityaffairs.com/141948/malware/uc-cisa-script-esxiargs-ransomware.html

CISA Alert (AA23-039A): ESXiArgs Ransomware Virtual Machine Recovery Guidance (8 feb)
https://www.cisa.gov/uscert/ncas/alerts/aa23-039a

ESXiArgs Ransomware Hits Over 3,800 Servers as Hackers Continue Improving Malware (9 feb)
https://www.securityweek.com/esxiargs-ransomware-hits-over-3800-servers-as-hackers-continue-improving-malware/

Informationssäkerhet och blandat

Test and Study: Do Security Solutions stop Current Ransomware under Windows 11? (20 jan)
https://www.av-test.org/en/news/test-and-study-do-security-solutions-stop-current-ransomware-under-windows-11/

School laptop auction devolves into extortion allegation (6 feb)
https://www.theregister.com/2023/02/06/school_laptop_auction_devolves_into/

Oväntade lärdomen i hemtjänsten efter IT-attacken: ”Det borde ha varit kaos” (7 feb)
https://sverigesradio.se/artikel/ovantade-lardomen-i-hemtjansten-efter-it-attacken-det-borde-varit-kaos

Over 12% of analyzed online stores expose private data, backups (7 feb)
https://www.bleepingcomputer.com/news/security/over-12-percent-of-analyzed-online-stores-expose-private-data-backups/

How to find and remove spyware from your phone (7 feb)
https://www.zdnet.com/article/how-to-find-and-remove-spyware-from-your-phone/

Patient Information Compromised in Data Breach at San Diego Healthcare Provider (8 feb)
https://www.securityweek.com/patient-information-compromised-in-data-breach-at-san-diego-healthcare-provider/

150 lärare använde hackad tjänst – inlogg kan ha läckt (8 feb)
https://sverigesradio.se/artikel/150-larare-anvande-hackad-tjanst-inlogg-kan-ha-lackt

Lost and found: Codebreakers decipher 50+ letters of Mary, Queen of Scots (8 feb)
https://arstechnica.com/science/2023/02/lost-and-found-code-breakers-decipher-50-letters-of-mary-queen-of-scots/

More Than 12% of Analyzed Online Stores Expose Private Backups, Study Shows (8 feb)
https://www.bitdefender.com/blog/hotforsecurity/more-than-12-of-analyzed-online-stores-expose-private-backups-study-shows/
—
Sansec analysis: 12% of online stores leak private backups (7 feb)
https://sansec.io/research/sansec-analysis-12-of-online-stores-leak-private-backups

Se över ert skydd. Anlita en säkerhetsexpert och sätt in en framtidssäker åtgärdsplan med ett aktivt skydd.

Vi är ett säkerhetsföretag baserat i Stockholm, Sverige. Vi har arbetat med säkerhet på Internet i två decennier. Vårt fokus har varit Open Source och är än idag. Vi arbetar dock dagligen även med slutna system.

Varje sekund stoppar vi desinformation, virus, maleware, intrång, attacker. Många av våra säkerhetssystem avvärjer även fientligt hot med hjälp av AI.

Våra säkerhetsexperter besitter en enorm erfarenhet och har ett extremt stort kontaktnät inom IT-säkerhetsbranschen. Våra medarbetare är även med i flertal Bug Bounty program för att säkra olika system.

Anlita oss

Förebyggande arbete innan det händer

Se över skydd

Anlita säkerhetsexperter för att se över era system, web, mailsäkerhet och rutiner. Våra experter hjälper er snabbt hitta era största sårbarheter.

Åtgärdsplan

Om ni anlitat någon av våra säkerhetsexperter kommer ni få en åtgärdsplan som hjälper er att prioritera säkerheten och välja direkta aktiva åtgärder.

Aktivt Skydd

Ett aktivt skydd kan exempelvis bestå av nya säkerhetsrutiner, backupsäkerhetslösningar och ett aktivt DNS-skydd för web och mail och enheter.

Skaffa aktivt skydd

Vi arbetar för ett säkert samhälle

Våra IT-systemen är skapade av oss människor och alla system har därav sårbarheter.

Secuureit finns här för att ge säkerhet i vardagen, men även vid hjälp då något inträffat. Vi hjälper till att säkra kommunikationen men även att aktivt säkra system centralt och på enhetsnivå från fientliga angrepp.