VECKOBREV

Denna vecka har det varit patchtisdag, med uppdateringar från Microsoft, SAP, Adobe och Ivanti. I övrigt blandade nyheter från veckan.

Trevlig Lucia och tredje advent önskar CERT-SE!

Nyheter i veckan

QR codes bypass browser isolation for malicious C2 communication (8 dec)https://www.bleepingcomputer.com/news/security/qr-codes-bypass-browser-isolation-for-malicious-c2-communication/

Medical device company says shipping processes disrupted by ransomware attack (9 dec)https://therecord.media/artivion-medical-device-company-cyberattack-notice-sec

Black Basta Ransomware Evolves with Email Bombing, QR Codes, and Social Engineering (9 dec)https://thehackernews.com/2024/12/black-basta-ransomware-evolves-with.html

Romanian energy supplier Electrica hit by ransomware attack (9 dec)https://www.bleepingcomputer.com/news/security/romanian-energy-supplier-electrica-hit-by-ransomware-attack/

Socks5Systemz Botnet Powers Illegal Proxy Service with 85,000+ Hacked Devices (9 dec)https://thehackernews.com/2024/12/socks5systemz-botnet-powers-illegal.html

Fake Recruiters Distribute Banking Trojan via Malicious Apps in Phishing Scam (10 dec)https://thehackernews.com/2024/12/fake-recruiters-distribute-banking.html

Ongoing Phishing and Malware Campaigns in December 2024 (10 dec)https://thehackernews.com/2024/12/ongoing-phishing-and-malware-campaigns.html

Regioner och kommuner i Västerbotten drabbades av stora internetstörningar (10 dec)https://www.svt.se/nyheter/lokalt/vasterbotten/problem-med-natet-hos-region-vasterbotten

Microsoft 365 outage takes down Office web apps, admin center (10 dec)https://www.bleepingcomputer.com/news/microsoft/microsoft-365-outage-takes-down-office-web-apps-admin-center/

Grävde i fel grav under hackerattack – så säkras systemet (12 dec)https://sverigesradio.se/artikel/gravde-i-fel-grav-under-hackerattack-sa-sakras-systemet

New Linux Rootkit PUMAKIT Uses Advanced Stealth Techniques to Evade Detection (13 dec)https://thehackernews.com/2024/12/new-linux-rootkit-pumakit-uses-advanced.html

Japanese publisher paid $3 million to Russia-linked hacker group after cyberattack (13 dec)https://japantoday.com/category/crime/japanese-publisher-paid-3-million-to-hacker-group-after-cyberattack

Rapporter och analyser

RAPPORT: Skyhög ökning av av politiska attacker och utpressningsattacker mot nordiska mål (10 dec)https://www.aktuellsakerhet.se/rapport-skyhog-okning-av-av-politiska-attacker-och-utpressningsattacker-mot-nordiska-mal/

Open source malware up 200% since 2023 (11 dec)https://www.helpnetsecurity.com/2024/12/11/open-source-malware/

Black Hat Europe 2024: Why a CVSS score of 7.5 may be a ‘perfect’ 10 in your organization (13 dec)https://www.welivesecurity.com/en/cybersecurity/black-hat-europe-2024-cvss-score-75-10-your-organization/

Informationssäkerhet och blandat

International operation against ‘phone phishing’ gang in Belgium and the Netherlandshttps://www.europol.europa.eu/media-press/newsroom/news/international-operation-against-phone-phishing-gang-in-belgium-and-netherlands

NATO to launch new cyber center by 2028: Official (6 dec)https://breakingdefense.com/2024/12/nato-to-launch-new-cyber-center-by-2028-official/

Utrikesministern lanserar regeringens strategi om cyberfrågor och digitala frågor inom utrikes- och säkerhetspolitiken (9 dec)https://regeringen.se/pressmeddelanden/2024/12/utrikesministern-lanserar-regeringens-strategi-om-cyberfragor-och-digitala-fragor-inom-utrikes–och-sakerhetspolitiken/

Utredning om överföring av arbetsuppgifter från MSB till FRA inom cyber- och informationssäkerhetsområdet (10 dec)https://regeringen.se/pressmeddelanden/2024/12/utredning-om-overforing-av-arbetsuppgifter-fran-msb-till-fra-inom-cyber–och-informationssakerhetsomradet

Researchers find security flaws in Skoda cars that may let hackers remotely track them (12 dec)https://techcrunch.com/2024/12/12/researchers-find-security-flaws-in-skoda-cars-that-may-let-hackers-remotely-track-them/

NSM anbefaler overgang til phishingresistent autentisering (12 dec)https://nsm.no/fagomrader/digital-sikkerhet/nasjonalt-cybersikkerhetssenter/varsler-fra-ncsc/nsm-anbefaler-overgang-til-phishingresistent-autentisering

CERT-SE i veckan

Kritisk sårbarhet i Mitel MiCollab (9 dec)https://www.cert.se/2024/12/kritisk-sarbarhet-i-mitel-micollab.html

Microsofts månatliga säkerhetsuppdateringar för december 2024 (11 dec)https://www.cert.se/2024/12/microsofts-manatliga-sakerhetsuppdateringar-for-december-2024.html

Kritiska sårbarheter i Ivanti Cloud Services Appliance, Connect Secure och Policy Secure (11 dec)https://www.cert.se/2024/12/kritiska-sarbarheter-i-ivanti-cloud-services-appliance-connect-secure-och-policy-secure.html

Adobes månatliga säkerhetsuppdateringar för december 2024 (11 dec)https://www.cert.se/2024/12/adobes-manatliga-sakerhetsuppdateringar-for-december-2024.html

SAPs månatliga säkerhetsuppdateringar för december 2024 (11 dec)https://www.cert.se/2024/12/saps-manatliga-sakerhetsuppdateringar-for-december-2024.html