CERT-SE's weekly newsletter, week 32

WEEKLY NEWSLETTER

Black Hat took place in Las Vegas this week, but we would also like to highlight that Frivilliga Radioorganisationen (FRO) is holding a girls' weekend with a cybersecurity theme in Linköping on 20-22 September. More information and a registration link can be found below. Otherwise, a mix of news for the week. Have a nice weekend!

News this week

Linux kernel impacted by new SLUBStick cross-cache attack (3 Aug)
https://www.bleepingcomputer.com/news/security/linux-kernel-impacted-by-new-slubstick-cross-cache-attack/

Surge in Magniber ransomware attacks impact home users worldwide (4 Aug)
https://www.bleepingcomputer.com/news/security/surge-in-magniber-ransomware-attacks-impact-home-users-worldwide/amp/

Olympic venue among 40 museums hit by ransomware attack: French police source (5 Aug)
https://www.digitaljournal.com/world/olympic-venue-among-40-museums-hit-by-ransomware-attack-french-police-source/article

Microsoft Azure outage takes down services across North America (5 Aug)
https://www.bleepingcomputer.com/news/microsoft/microsoft-azure-outage-takes-down-services-across-north-america/

Ransomware gang targets IT workers with new SharpRhino malware (5 Aug)
https://www.bleepingcomputer.com/news/security/hunters-international-ransomware-gang-targets-it-workers-with-new-sharprhino-malware/

New LianSpy malware hides by blocking Android security feature (5 Aug)
https://www.bleepingcomputer.com/news/security/new-lianspy-malware-hides-by-blocking-android-security-feature/

Cyberattack Wipes 13,000 School Devices in Mobile Guardian Breach (6 Aug)
https://hackread.com/cyberattack-wipes-school-devices-mobile-guardian-breach/

Microsoft 365 anti-phishing feature can be bypassed with CSS (7 Aug)
https://www.bleepingcomputer.com/news/security/microsoft-365-anti-phishing-feature-can-be-bypassed-with-css/

Number of incidents affecting GitHub, Bitbucket, GitLab, and Jira continues to rise (7 Aug)
https://www.helpnetsecurity.com/2024/08/07/github-bitbucket-gitlab-jira-incidents/

Windows Update downgrade attack “unpatches” fully-updated systems (7 Aug)
https://www.bleepingcomputer.com/news/microsoft/windows-update-downgrade-attack-unpatches-fully-updated-systems/

Las Vegas police issues cyber advisory with cybersecurity, hacker conventions in town (8 Aug)
https://www.fox5vegas.com/2024/08/08/las-vegas-police-issues-cyber-advisory-with-cybersecurity-hacker-conventions-town/

0.0.0.0 Day: 18-Year-Old Browser Vulnerability Impacts MacOS and Linux Devices (8 Aug)
https://thehackernews.com/2024/08/0000-day-18-year-old-browser.html

Exclusive: Russian spies hacked UK government systems earlier this year, stole data and emails (8 Aug)
https://therecord.media/russia-hack-uk-government-home-office-microsoft

Reports and in-depth reading

Email attacks skyrocket 293% (6 Aug)
https://www.helpnetsecurity.com/2024/08/06/email-attacks-h1-2024/

External Technical Root Cause Analysis — Channel File 291 (6 Aug)
https://www.crowdstrike.com/wp-content/uploads/2024/08/Channel-File-291-Incident-Root-Cause-Analysis-08.06.2024.pdf

Dismantling Smart App Control (6 Aug)
https://www.elastic.co/security-labs/dismantling-smart-app-control

#StopRansomware: Blacksuit (Royal) Ransomware (7 Aug)
https://www.cisa.gov/news-events/cybersecurity-advisories/aa23-061a

Malware-as-a-Service and Ransomware-as-a-Service lower barriers for cybercriminals (9 Aug)
https://www.helpnetsecurity.com/2024/08/09/maas-threat-landscape/

Information security and miscellaneous

Sam Altman accused of being shady about OpenAI’s safety efforts (2 Aug)
https://arstechnica.com/tech-policy/2024/08/sam-altman-accused-of-being-shady-about-openais-safety-efforts/

Introducing Active Cyber Defence 2.0 (2 Aug)
https://www.ncsc.gov.uk/blog-post/introducing-active-cyber-defence-2

Windows Smart App Control, SmartScreen bypass exploited since 2018 (5 Aug)
https://www.bleepingcomputer.com/news/microsoft/windows-smart-app-control-smartscreen-bypass-exploited-since-2018/

INTERPOL Recovers $41 Million in Largest Ever BEC Scam in Singapore (6 Aug)
https://thehackernews.com/2024/08/interpol-recovers-41-million-in-largest.html

CISA Releases Secure by Demand Guidance (6 Aug)
https://www.cisa.gov/news-events/alerts/2024/08/06/cisa-releases-secure-demand-guidance

Royal ransomware successor BlackSuit has demanded more than $500 million (7 Aug)
https://therecord.media/royal-ransomware-blacksuit-half-billion

Best Practices for Cisco Device Configuration (8 Aug)
https://www.cisa.gov/news-events/alerts/2024/08/08/best-practices-cisco-device-configuration

Secure by Demand Guide: How Software Customers Can Drive a Secure Technology Ecosystem
https://www.cisa.gov/resources-tools/resources/secure-demand-guide

Girls' weekend with FRO – Discover cybersecurity
https://linkopingsciencepark.se/event/tjejhelg-med-fro-upptack-cybersakerhet/

CERT-SE this week

Vulnerabilities in Roundcube (6 Aug)
https://www.cert.se/2024/08/sarbarheter-i-roundcube.html