Publicerad 2023-01-05 12:55 CERT-SE:s veckobrev v.1Årets första vecka bjuder på blandad läsning med nyheter och fördjupningar om ransomware, årsskiftessummeringar samt den nya MSB-rapporten Ändringar som både hotar och skyddar - 20 rekommendationer för säkrare ändringar i våra informationssystem. Trevlig läsning och Trettondagshelg önskar CERT-SE! Nyheter i veckanCanadian mining firm shuts down mill after ransomware attack (30 dec)https://www.bleepingcomputer.com/news/security/canadian-mining-firm-shuts-down-mill-after-ransomware-attack/Why MFA Can't Combat Growing Infostealer Malware Attacks (31 dec)https://www.govinfosecurity.com/mfa-cant-combat-growing-infostealer-malware-attacks-a-20785Bristol Community College reveals they were the victim of a criminal cyberattack (31 dec)https://fallriverreporter.com/bristol-community-college-reveals-they-were-the-victim-of-a-criminal-cyberattack/Våg av dataintrång oroar experter (2 jan)https://www.dn.se/sverige/vag-av-dataintrang-oroar-experter/Port of Lisbon targeted by LockBit ransomware hackers, website still down down (2 jan)https://industrialcyber.co/news/port-of-lisbon-targeted-by-lockbit-ransomware-hackers-website-still-down/Hackergruppen ”Alverna” slåss mot ryska troll (2 jan)https://www.svt.se/nyheter/utrikes/alverna-star-vid-informationskrigets-frontlinjeBitRAT Now Sharing Sensitive Bank Data as a Lure (3 jan)https://blog.qualys.com/vulnerabilities-threat-research/2023/01/03/bitrat-now-sharing-sensitive-bank-data-as-a-lureToyota's Indian unit warns of a possible customer data breach (3 jan)https://www.reuters.com/technology/toyotas-indian-unit-warns-possible-customer-data-breach-2023-01-01/Ransomware impacts over 200 govt, edu, healthcare orgs in 2022 (3 jan)https://www.bleepingcomputer.com/news/security/ransomware-impacts-over-200-govt-edu-healthcare-orgs-in-2022/Så riktas hackarattacker mot Ukraina – ryska grupper pekas ut (3 jan)https://www.dn.se/varlden/sa-riktas-hackarattacker-mot-ukraina-ryska-grupper-pekas-ut/Hackers claim ransomware attack on Los Angeles housing authority (3 jan)https://techcrunch.com/2023/01/03/hackers-claims-ransomware-attack-on-los-angeles-housing-authority/Royal ransomware claims attack on Queensland University of Technology (3 jan)https://www.bleepingcomputer.com/news/security/royal-ransomware-claims-attack-on-queensland-university-of-technology/Many Exchange servers still vulnerable to ProxyNotShell flaw (3 jan)https://www.techtarget.com/searchsecurity/news/252528809/Many-Exchange-servers-still-vulnerable-to-ProxyNotShell-flawCyberattackers Torch Python Machine Learning Project (3 jan)https://www.darkreading.com/application-security/cyberattackers-torch-python-machine-learning-projectRail giant Wabtec discloses data breach after Lockbit ransomware attack (3 jan)https://www.bleepingcomputer.com/news/security/rail-giant-wabtec-discloses-data-breach-after-lockbit-ransomware-attack/Swansea Public Schools canceled on Wednesday after cyber attack (3 jan)https://eu.heraldnews.com/story/news/education/2023/01/03/swansea-public-schools-canceled-on-wednesday-after-cyber-attack/69775598007/Cyber attack on car dealership Arnold Clark forces systems offline (4 jan)https://www.itpro.com/security/cyber-attacks/369792/cyber-attack-arnold-clark-forces-systems-offlineCyber attack leaves school board’s employee data compromised (4 jan)https://www.insurancebusinessmag.com/ca/news/cyber/cyber-attack-leaves-school-boards-employee-data-compromised-431758.aspxNew Phishing Campaign Impersonates Flipper Zero to Target Cyber Professionals (4 jan)https://www.infosecurity-magazine.com/news/phishing-campaign-uses-flipper-zero/Hacker Selling Data Allegedly Stolen From Volvo Cars Following Ransomware Attack (4 jan)https://www.securityweek.com/hacker-selling-data-allegedly-stolen-volvo-cars-following-ransomware-attackSlack's private GitHub code repositories stolen over holidays (5 jan)https://www.bleepingcomputer.com/news/security/slacks-private-github-code-repositories-stolen-over-holidays/Informationssäkerhet och blandatCounting Down to Quantum? Here’s What Security Teams Need To Know (30 dec)https://www.cpomagazine.com/cyber-security/counting-down-to-quantum-heres-what-security-teams-need-to-know/--https://www.infosecurity-magazine.com/news/biden-quantum-cybersecurity-law/The world’s most common passwords: What to do if yours is on the list (2 jan)https://www.welivesecurity.com/2023/01/02/most-common-passwords-what-do-if-yours-list/Ransomware ecosystem becoming more diverse for 2023 (2 jan)https://www.csoonline.com/article/3684248/ransomware-ecosystem-becoming-more-diverse-for-2023.htmlThe State of Ransomware in the US: Report and Statistics 2022 (2 jan)https://www.emsisoft.com/en/blog/43258/the-state-of-ransomware-in-the-us-report-and-statistics-2022/Our Experts' Top Cybersecurity Predictions for 2023 (2 jan)https://www.cisecurity.org/insights/blog/our-experts-top-cybersecurity-predictions-for-2023Europol: Digital skimming (3 jan)https://www.europol.europ
