Blandade nyheter från CERT-SE!

Varje vecka publicerar vi en sammanfattning från veckan som gått på CERT.se.

Nyheter i veckan

Hackers hijack legitimate sites to host credit card stealer scripts (4 jun)
https://www.bleepingcomputer.com/news/security/hackers-hijack-legitimate-sites-to-host-credit-card-stealer-scripts/

Bortglömda konton en enorm säkerhetsrisk (5 jun)
https://computersweden.idg.se/2.2683/1.779272/bortglomda-konton-en-enorm-sakerhetsrisk

Ransomware Group Used MOVEit Exploit to Steal Data From Dozens of Organizations (5 jun)
https://www.securityweek.com/ransomware-group-used-moveit-exploit-to-steal-data-from-dozens-of-organizations/

SpinOk Android malware found in more apps with 30 million installs (5 jun)
https://www.bleepingcomputer.com/news/security/spinok-android-malware-found-in-more-apps-with-30-million-installs/

It-attack mot Systembolaget och Swish (5 jun)
https://sverigesradio.se/artikel/it-attack-mot-systembolaget-och-swish

New ‘PowerDrop’ malware targeting US aerospace industry (6 jun)
https://therecord.media/powerdrop-malware-targets-us-aerospace-industry

MoveIt hack: What action can data-breach victims take? (7 jun)
https://www.bbc.com/news/technology-65820603

#StopRansomware: CL0P Ransomware Gang Exploits CVE-2023-34362 MOVEit Vulnerability (7 jun)
https://www.cisa.gov/news-events/cybersecurity-advisories/aa23-158a

BBC, BA and Boots issued with ultimatum by cyber gang Clop (8 jun)
https://www.bbc.com/news/technology-65829726

Aix-Marseille, France’s largest university, hit by cyberattack (8 jun)
https://therecord.media/aix-marseille-university-cyberattack-france

Pharmaceutical Giant Eisai Takes Systems Offline Following Ransomware Attack (8 jun)
https://www.securityweek.com/pharmaceutical-giant-eisai-takes-systems-offline-following-ransomware-attack/

Nokia report: IoT Botnet DDoS Attacks Threaten Global Telecom Networks (9 jun)
https://www.hackread.com/iot-botnet-ddos-attacks-telecom-networks-nokia/

Informationssäkerhet och blandat

10 notable critical infrastructure cybersecurity initiatives in 2023 (5 jun)
https://www.csoonline.com/article/3698190/10-notable-critical-infrastructure-cybersecurity-initiatives-in-2023.html

Introducing PCVARK and their malicious ad blockers (5 jun)
https://palant.info/2023/06/05/introducing-pcvark-and-their-malicious-ad-blockers/

2023 Data Breach Investigations Report (DBIR) 
https://www.verizon.com/business/resources/T12f/reports/2023-data-breach-investigations-report-dbir.pdf

Service Rents Email Addresses for Account Signups (6 jun)
https://krebsonsecurity.com/2023/06/service-rents-email-addresses-for-account-signups/

Guide to Securing Remote Access Software (6 jun)
https://www.cisa.gov/resources-tools/resources/guide-securing-remote-access-software

Adversaries increasingly using vendor and contractor accounts to infiltrate networks (6 jun)
https://blog.talosintelligence.com/vendor-contractor-account-abuse/

ChatGPT Hallucinations Open Developers to Supply Chain Malware Attacks (6 jun)
https://www.darkreading.com/application-security/chatgpt-hallucinations-developers-supply-chain-malware-attacks

Microsoft Preps $425M Payment for LinkedIn GDPR Violations (6 jun)
https://www.darkreading.com/endpoint/microsoft-425m-payment-linkedin-gdpr-violations

Experten: Prata inte hemligheter i Kina-bilar (7 jun)
https://teknikensvarld.expressen.se/nyheter/bil-och-trafik/experten-prata-inte-hemligheter-i-kina-bilar/

6 av 10 incidenter orsakas av mänskliga faktorn (7 jun)
https://www.imy.se/nyheter/6-av-10-incidenter-orsakas-av-manskliga-faktorn/
…
Över 5 300 incidenter anmäldes till IMY förra året – men mörkertalet är stort ( 7 jun)
https://computersweden.idg.se/2.2683/1.779363/over-5-300-incidenter-anmaldes-till-imy-forra-aret-men-morkertalet-ar-stort

10 security tool categories needed to shore up software supply chain security (7 jun)
https://www.csoonline.com/article/3697792/10-security-tool-categories-needed-to-shore-up-software-supply-chain-security.html