Published 2022-10-14 14:57

CERT-SE's weekly newsletter, week 41

A hefty collection of assorted news from an eventful week. CERT-SE has flagged several critical vulnerabilities.

Have a nice weekend!

News this week

Binance-linked blockchain hit by $570 million crypto hack (7 Oct)
https://www.reuters.com/technology/hackers-steal-around-100-million-cryptocurrency-binance-linked-blockchain-2022-10-07/

A Visualizza into Recent IcedID Campaigns: Reconstructing Threat Actor Metrics with Pure Signal Recon (7 Oct)
https://www.team-cymru.com/post/a-visualizza-into-recent-icedid-campaigns

Callback phishing attacks evolve their social engineering tactics (8 Oct)
https://www.bleepingcomputer.com/news/security/callback-phishing-attacks-evolve-their-social-engineering-tactics/
... https://www.trellix.com/en-us/about/newsroom/stories/research/evolution-of-bazarcall-social-engineering-tactics.html

400 apps may have stolen Facebook users' login credentials (8 Oct)
https://pcforalla.idg.se/2.1054/1.771365/400-appar-kan-ha-stulit-facebook-anvandares-inloggningsuppgifter

Intel confirms leaked Alder Lake BIOS Source Code is authentic (9 Oct)
https://www.bleepingcomputer.com/news/security/intel-confirms-leaked-alder-lake-bios-source-code-is-authentic/
... https://www.tomshardware.com/news/intel-confirms-6gb-alder-lake-bios-source-code-leak-new-details-emerge

That thing to help protect internet traffic from hijacking? Here's how to break it (9 Oct)
https://www.theregister.com/2022/10/09/internet_traffic_routing_defense/

US airports' sites taken down in DDoS attacks by pro-Russian hackers (10 Oct)
https://www.bleepingcomputer.com/news/security/us-airports-sites-taken-down-in-ddos-attacks-by-pro-russian-hackers/

The Fresh Phish Market: Behind the Scenes of the Caffeine Phishing-as-a-Service Platform (10 Oct)
https://www.mandiant.com/resources/blog/caffeine-phishing-service-platform

Criminal multitool LilithBot arrives on malware-as-a-service scene (10 Oct)
https://www.theregister.com/2022/10/10/eternity_lilithbot_malware_bundle/
... https://www.zscaler.com/blogs/security-research/analysis-lilithbot-malware-and-eternity-threat-group

Toyota discloses data leak after access key exposed on GitHub (10 Oct)
https://www.bleepingcomputer.com/news/security/toyota-discloses-data-leak-after-access-key-exposed-on-github/

Second Australia-based Singtel subsidiary hacked (10 Oct)
https://www.channelnewsasia.com/business/second-australia-based-singtel-subsidiary-hacked-2999046

Podcast tip: Serious Security: OAuth 2 and why Microsoft is finally forcing you into it (10 Oct)
https://nakedsecurity.sophos.com/2022/10/10/serious-security-oauth-2-and-why-microsoft-is-finally-forcing-you-into-it/

The Race to Native Code Execution in PLCs: Using RCE to Uncover Siemens SIMATIC S7-1200/1500 Hardcoded Cryptographic Keys (11 Oct)
https://claroty.com/team82/research/the-race-to-native-code-execution-in-plcs-using-rce-to-uncover-siemens-simatic-s7-1200-1500-hardcoded-cryptographic-keys

Hidden DNS resolver insecurity creates widespread website hijack risk (11 Oct)
https://portswigger.net/daily-swig/hidden-dns-resolver-insecurity-creates-widespread-website-hijack-risk

A Way to Watering Hole Attack and its Exploitation Steps (11 Oct)
https://securityboulevard.com/2022/10/a-way-to-watering-hole-attack-and-its-exploitation-steps/

KB5020282—Account lockout available for local administrators (11 Oct)
https://support.microsoft.com/en-us/topic/kb5020282-account-lockout-available-for-local-administrators-bce45c4d-f28d-43ad-b6fe-70156cb2dc00

How Wi-Fi spy drones snooped on financial firm (12 Oct)
https://www.theregister.com/2022/10/12/drone-roof-attack/

Black Basta Ransomware Gang Infiltrates networks via QAKBOT, Brute Ratel, and Cobalt Strike (12 Oct)
https://www.trendmicro.com/en_us/research/22/j/black-basta-infiltrates-networks-via-qakbot-brute-ratel-and-coba.html

Hospital giant's IT still poorly a week after suspected ransomware infection (12 Oct)
https://www.theregister.com/2022/10/12/hospital_outages_ransomware/

Securing IoT Devices in a World of Complexity (12 Oct)
https://securityboulevard.com/2022/10/securing-iot-devices-in-a-world-of-complexity/

Nine months on from the Cyber Essentials update - debunking some myths (13 Oct)
https://www.ncsc.gov.uk/blog-post/reviewing-the-cyber-essentials-update-2022

Alchimist: A new attack framework in Chinese for Mac, Linux and Windows (13 Oct)
https://blog.talosintelligence.com/2022/10/alchimist-offensive-framework.html

Mirai Botnet Launched 2.5 Tbps DDoS Attack Against Minecraft Server (13 Oct)
https://www.securityweek.com/mirai-botnet-launched-25-tbps-ddos-attack-against-minecraft-server

Magniber Ransomware Adopts JavaScript, Targeting Home Users with Fake Software Updates (13 Oct)
https://threatresearch.ext.hp.com/magniber-ransomware-switches-to-javascript-targeting-home-users-with-fake-software-updates/

The attack on the Swedish Environmental Protection Agency (Naturvårdsverket): large amounts of data reportedly leaked (14 Oct)
https://computersweden.idg.se/2.2683/1.771674/attacken-mot-naturvardsverket--mangder-av-data-ska-ha-lackt

Informationssä