VECKOBREV
Denna vecka har det varit patchtisdag, men vi har även uppmärksammat ytterligare några kritiska sårbarheter. Se till att alla relevanta säkerhetsuppdateringar är genomförda. Vi tipsar även om ett antal läsvärda analyser och rapporter.
Nyheter i veckan
Heartbleed is 10 Years Old – Farewell Heartbleed, Hello QuantumBleed! (2 apr)https://www.securityweek.com/heartbleed-is-10-years-old-farewell-heartbleed-hello-quantumbleed/..
The Heartbleed Bughttps://heartbleed.com/
Ivanti CEO pledges to “fundamentally transform” its hard-hit security model (5 apr)https://arstechnica.com/security/2024/04/ivanti-following-years-of-critical-vpn-exploits-pledges-new-era-of-security/
Cyberkatastrofen avvärjdes – av en slump (5 apr)https://computersweden.se/article/2083427/cyberkatastrofen-avvarjdes-av-en-slump.html
New Wave of JSOutProx Malware Targeting Financial Firms in APAC and MENA (5 apr)https://thehackernews.com/2024/04/new-wave-of-jsoutprox-malware-targeting.html
Over 92,000 exposed D-Link NAS devices have a backdoor account (6 apr)https://www.bleepingcomputer.com/news/security/over-92-000-exposed-d-link-nas-devices-have-a-backdoor-account/
Hackers Exploit Magento Bug to Steal Payment Data from E-commerce Websites (6 apr)https://thehackernews.com/2024/04/hackers-exploit-magento-bug-to-steal.html
Puppies, kittens, data at risk after ‘cyber incident’ at veterinary giant (8 apr)https://www.theregister.com/2024/04/08/cyber_incident_strikes_veterinary_services/
Change Healthcare faces second ransomware dilemma weeks after ALPHV attack (8 apr)https://www.theregister.com/2024/04/08/change_healthcare_ransomware/
The Drop in Ransomware Attacks in 2024 and What it Means (8 apr)https://thehackernews.com/2024/04/the-drop-in-ransomware-attacks-in-2024.html
Toward greater transparency: Adopting the CWE standard for Microsoft CVEs (8 apr)https://msrc.microsoft.com/blog/2024/04/toward-greater-transparency-adopting-the-cwe-standard-for-microsoft-cves/
DoD Moves Towards Zero-Trust Cybersecurity Framework (9 apr)https://news.clearancejobs.com/2024/04/09/zero-trust-cybersecurity-framework-in-the-dod/
CISA Announces Malware Next-Gen Analysis (10 apr)https://www.cisa.gov/news-events/news/cisa-announces-malware-next-gen-analysis
Raspberry Robin Returns: New Malware Campaign Spreading Through WSF Files (10 apr)https://thehackernews.com/2024/04/raspberry-robin-returns-new-malware.html
Fallout from XZ/SSH supply chain attack continues (10 apr)https://pducklin.com/2024/04/10/fallout-from-xz-ssh-supply-chain-attack-continues/
Apple: Mercenary spyware attacks target iPhone users in 92 countries (11 apr)https://www.bleepingcomputer.com/news/security/apple-mercenary-spyware-attacks-target-iphone-users-in-92-countries/
US Cyber Force Assisted Foreign Governments 22 Times in 2023 (11 apr)https://www.securityweek.com/us-cyber-force-assisted-foreign-governments-22-times-in-2023/
French issue alerte rouge after local governments knocked offline by cyber attack (12 apr)https://www.theregister.com/2024/04/12/french_municipalities_cyberattack/
Rapporter och analyser
ScrubCrypt Deploys VenomRAT with an Arsenal of Plugins (8 apr)https://www.fortinet.com/blog/threat-research/scrubcrypt-deploys-venomrat-with-arsenal-of-plugins
Linux kernel on Intel systems is susceptible to Spectre v2 attacks (9 apr)https://kb.cert.org/vuls/id/155143
Top MITRE ATT&CK Techniques and How to Defend Against Them (10 apr)https://www.darkreading.com/cyberattacks-data-breaches/top-mitre-attack-techniques-how-to-defend-against
Security Brief: TA547 Targets German Organizations with Rhadamanthys Stealer (10 apr)https://www.proofpoint.com/us/blog/threat-insight/security-brief-ta547-targets-german-organizations-rhadamanthys-stealer
Metasploit Meterpreter Installed via Redis Server (11 apr)https://asec.ahnlab.com/en/64034/
Cyberespionage Group Earth Hundun’s Continuous Refinement of Waterbear and Deuterbear (11 apr)https://www.trendmicro.com/en_us/research/24/d/earth-hundun-waterbear-deuterbear.html
Informationssäkerhet och blandat
Hacker Leaks 8.5M U.S. Environmental Protection Agency (EPA) Contact Data (7 apr)https://www.hackread.com/us-environmental-protection-agency-hacked-data-leaked/
How Engineers at Digital Equipment Corp. Saved Ethernet (7 apr)https://spectrum.ieee.org/how-dec-engineers-saved-ethernet
IMF: Finanssektorn kraftigt exponerad mot cyberattacker – nu krävs ökad beredskap (10 apr)https://www.voister.se/artikel/2024/04/imf-finanssektorn-kraftigt-exponerad-mot-cyberattacker-nu-kravs-okad-beredskap..
Rising Cyber Threats Pose Serious Concerns for Financial Stability (9 apr)https://www.imf.org/en/Blogs/Articles/2024/04/09/rising-cyber-threats-pose-serious-concerns-for-financial-stability
385 miljoner kronor till satsningar på civilt försvar och cybersäkerhet (11 apr)https://www.regeringen.se/pressmeddelanden/2024/04/385-miljoner-kronor-till-satsningar-pa-civilt-forsvar-och-cybersakerhet/
Global taxi software vendor exposes details of nearly 300K across UK and Ireland (11 apr)https://www.theregister.com/2024/04/11/icabbi_database_exposure/
Why women struggle in the cybersecurity industry (12 apr)https://www.helpnetsecurity.com/2024/04/12/women-cybersecurity-workplace-experiences/
LastPass Employee Targeted With Deepfake Calls (12 apr)https://www.securityweek.com/lastpass-employee-targeted-with-deepfake-calls/
CERT-SE i veckan
Kritisk sårbarhet i IBM Personal Communicationshttps://www.cert.se/2024/04/kritisk-sarbarhet-i-ibm-personal-communications.html
SAP:s månatliga säkerhetsuppdateringar för april 2024https://www.cert.se/2024/04/saps-manatliga-sakerhetsuppdateringar-for-april-2024.html
Adobes månatliga säkerhetsuppdateringar för april 2024https://www.cert.se/2024/04/adobes-manatliga-sakerhetsuppdateringar-for-april-2024.html
Microsofts månatliga säkerhetsuppdateringar för april 2024https://www.cert.se/2024/04/microsofts-manatliga-sakerhetsuppdateringar-for-april-2024.html
Flera sårbarheter i Fortinet-produkterhttps://www.cert.se/2024/04/flera-sarbarheter-i-fortinet-produkter.html
Kritisk sårbarhet i PAN-OShttps://www.cert.se/2024/04/kritisk-sarbarhet-i-pan-os.html