CERT-SE's weekly newsletter, week 48

WEEKLY NEWSLETTER

Assorted news from the week. We particularly want to highlight that NCSC has published guidance on handling denial-of-service attacks.

CERT-SE wishes you a happy first Sunday of Advent!

News of the week

The warning: “Russian cyberattacks could knock out the power grid for millions” (24 Nov)
https://sverigesradio.se/artikel/storbritannien-varnar-for-ryska-cyberattacker-kan-sla-ut-elnatet

Russian Cyberspies Hacked Building Across Street From Target for Wi-Fi Attack (25 Nov)
https://www.securityweek.com/russian-cyberspies-hacked-building-across-street-from-target-for-wi-fi-attack/

Microsoft 365 outage impacts Exchange Online, Teams, Sharepoint (25 Nov)
https://www.bleepingcomputer.com/news/microsoft/microsoft-365-outage-impacts-exchange-online-teams-sharepoint/

Are Law Enforcement Takedowns Against Ransomware Working? (25 Nov)
https://www.darkreading.com/vulnerabilities-threats/blackbasta-ransomware-group-conti

PyPI Python Library “aiocpa” Found Exfiltrating Crypto Keys via Telegram Bot (25 Nov)
https://thehackernews.com/2024/11/pypi-python-library-aiocpa-found.html

Malware Turns Trusted Avast Driver Into a Weapon (26 Nov)
https://informationsecuritybuzz.com/malware-turns-avast-driver-a-weapon/

Hackers abuse popular Godot game engine to infect thousands of PCs (27 Nov)
https://www.bleepingcomputer.com/news/security/new-godloader-malware-infects-thousands-of-gamers-using-godot-scripts/

Researchers Discover “Bootkitty” – First UEFI Bootkit Targeting Linux Kernels (27 Nov)
https://thehackernews.com/2024/11/researchers-discover-bootkitty-first.html

Phishing-as-a-Service “Rockstar 2FA” Targets Microsoft 365 Users with AiTM Attacks (29 Nov)
https://thehackernews.com/2024/11/phishing-as-service-rockstar-2fa.html

Reports and analyses

Guess Who’s Back – The Return of ANEL in the Recent Earth Kasha Spear-phishing Campaign in 2024 (26 Nov)
https://www.trendmicro.com/en_us/research/24/k/return-of-anel-in-the-recent-earth-kasha-spearphishing-campaign.html

Expert Cybersecurity Predictions for 2025: What Lies Ahead? (27 Nov)
https://informationsecuritybuzz.com/isb-cybersecurity-predictions-2025-1/

Ransomware-driven data exfiltration: techniques and implications (27 Nov)
https://blog.sekoia.io/ransomware-driven-data-exfiltration-techniques-and-implications/

Guidance on denial-of-service attacks (27 Nov)
https://www.ncsc.se/sv/aktuellt/vagledning-om-overbelastningsangrepp/

SIRIUS EU Electronic Evidence Situation Report 2024 (28 Nov)
https://www.europol.europa.eu/publications-events/publications/sirius-eu-electronic-evidence-situation-report-2024

Information security and miscellaneous

The threats of USB-based attacks for critical infrastructure
https://www.techradar.com/pro/the-threats-of-usb-based-attacks-for-critical-infrastructure

How the Police work with cybercrime – “we have good competence” (25 Nov)
https://computersweden.se/article/3610197/sa-arbetar-polisen-med-cyberbrott-vi-har-en-bra-kompetens.html

Collaboration is key to tackling cybercrime. Recent takedowns show why (26 Nov)
https://www.weforum.org/stories/2024/11/collaboration-key-tackling-cybercrime-cybersecurity/

The AI Commission's Roadmap for Sweden (26 Nov)
https://regeringen.se/rapporter/2024/11/ai-kommissionens-fardplan-for-sverige/

Interpol Clamps Down on Cybercrime and Arrests Over 1,000 Suspects in Africa (26 Nov)
https://www.securityweek.com/interpol-clamps-down-on-cybercrime-and-arrests-over-1000-suspects-in-africa/

NCSC conference 2024: Securing operations during a cyberattack (26 Nov)
https://www.ncsc.se/sv/aktuellt/sakra-verksamheten-vid-en-cyberattack/

New VPN Attack Demonstrated Against Palo Alto Networks, SonicWall Products (27 Nov)
https://www.securityweek.com/new-vpn-attack-demonstrated-against-palo-alto-networks-sonicwall-products/

Growing Matrix Botnet Poses Escalating Global Threat (27 Nov)
https://informationsecuritybuzz.com/matrix-botnet-escalating-global-threat/

170,000 personal identity numbers may have been handled incorrectly – for over ten years (28 Nov)
https://sverigesradio.se/artikel/170-000-personnummer-kan-ha-hanterats-fel-i-over-tio-ar

Why cybersecurity leaders trust the MITRE ATT&CK Evaluations (28 Nov)
https://www.helpnetsecurity.com/2024/11/28/cynet-mitre-attck-evaluations/

Analog lending in Kumla after cyberattack (28 Nov)
https://www.biblioteksbladet.se/nyheter/analog-utlaning-i-kumla-efter-cyberangrepp/