Nytt år och rykande färska veckobrev från CERT.se.
Vi återpublicerar i sin helhet nyhetsbrev från CERT.se.
Nyheter i veckan
Cyberattacker och desinformation väntas under supervalår (2 jan)https://sverigesradio.se/artikel/cyberattacker-och-desinformation-vantas-under-supervalar
Anställdas sjukintyg och bankkonton röjda efter attack (2 jan)https://sverigesradio.se/artikel/anstalldas-sjukintyg-och-bankkonton-rojda-efter-attack..
Hackerattack mot Svenska kyrkan ska utredas av FBI (6 jan)https://sverigesradio.se/artikel/en-manads-gisslandrama-kyrkan-hoppas-pa-fbi
Nearly 11 million SSH servers vulnerable to new Terrapin attacks (3 jan)https://www.bleepingcomputer.com/news/security/nearly-11-million-ssh-servers-vulnerable-to-new-terrapin-attacks
Follow-On Extortion Campaign Targeting Victims of Akira and Royal Ransomware (4 jan)https://arcticwolf.com/resources/blog/follow-on-extortion-campaign-targeting-victims-of-akira-and-royal-ransomware
Stealthy AsyncRAT malware attacks targets US infrastructure for 11 months (7 jan)https://www.bleepingcomputer.com/news/security/stealthy-asyncrat-malware-attacks-targets-us-infrastructure-for-11-months
AI advances risk facilitating cyber crime, top US officials say (9 jan)https://www.reuters.com/technology/cybersecurity/ai-advances-risk-facilitating-cyber-crime-top-us-officials-say-2024-01-09
Hackers target Microsoft SQL servers in Mimic ransomware attacks (9 jan)https://www.bleepingcomputer.com/news/security/hackers-target-microsoft-sql-servers-in-mimic-ransomware-attacks
Finland warns of Akira ransomware wiping NAS and tape backup devices (11 jan)https://www.bleepingcomputer.com/news/security/finland-warns-of-akira-ransomware-wiping-nas-and-tape-backup-devices
Fidelity National Financial cyberattack – more than one million impacted (11 jan)https://www.insurancebusinessmag.com/us/news/cyber/fidelity-national-financial-cyberattack–more-than-one-million-impacted-472531.aspx
Researchers Flag FBot Hacking Tool Hijacking Cloud, Payment Services (11 jan)https://www.securityweek.com/researchers-flag-fbot-hacking-tool-hijacking-cloud-payment-services
Approaching the international perspective on cybersecurity (11 jan)https://www.ocsc.info/insights/news/approaching-the-international-perspective-on-cybersecurity
Rapporter och analyser
NIST Identifies Types of Cyberattacks That Manipulate Behavior of AI Systems (4 jan)https://www.nist.gov/news-events/news/2024/01/nist-identifies-types-cyberattacks-manipulate-behavior-ai-systems
Deceptive Cracked Software Spreads Lumma Variant on YouTube (8 jan)https://www.fortinet.com/blog/threat-research/lumma-variant-on-youtube
Ti sårbarheter går igjen i norske IKT-systemer (8 jan)https://nsm.no/aktuelt/ti-sarbarheter-gar-igjen-i-norske-ikt-systemer
New decryptor for Babuk Tortilla ransomware variant released (9 jan)https://blog.talosintelligence.com/decryptor-babuk-tortilla
You Had Me at Hi — Mirai-Based NoaBot Makes an Appearance (10 jan)https://www.akamai.com/blog/security-research/mirai-based-noabot-crypto-mining
Unit 42 Attack Surface Threat Report (11 jan)https://www.paloaltonetworks.com/resources/research/2023-unit-42-attack-surface-threat-report
Clearing the Fog of War (11 jan)https://www.forescout.com/resources/clearing-the-fog-of-war/
Informationssäkerhet och blandat
Entire population of Brazil possibly exposed in massive data leak (10 jan)https://cybernews.com/security/brazil-data-leak-cpf-card
New guidance to help small organisations use online services more securely (11 jan)https://www.ncsc.gov.uk/blog-post/using-online-services-safely
Info-stealers can steal cookies for permanent access to your Google account (11 jan)https://www.malwarebytes.com/blog/news/2024/01/info-stealers-can-steal-cookies-for-permanent-access-to-your-google-account
Utvalda länkar från juluppehållet
NSA Publishes 2023 Cybersecurity Year in Review (19 dec)https://www.nsa.gov/Press-Room/Press-Releases-Statements/Press-Release-View/Article/3621654/nsa-publishes-2023-cybersecurity-year-in-review
Cyberattack mot Coop i Värmland (22 dec)https://www.tv4.se/artikel/1wCdrTThajamWHl1nV9oG6/hackerattack-mot-coop-gar-inte-betala-med-kort
Action against digital skimming reveals 443 compromised online merchants (22 dec)https://www.europol.europa.eu/media-press/newsroom/news/action-against-digital-skimming-reveals-443-compromised-online-merchants
The ticking time bomb of Microsoft Exchange Server 2013 (22 dec)https://doublepulsar.com/the-ticking-time-bomb-of-microsoft-exchange-server-2013-d0850b80465b
Quantum Computing’s Hard, Cold Reality Check (22 dec)https://spectrum.ieee.org/quantum-computing-skeptics
Larmet: Sju av tio i offentlig sektor är inte cybersäkra (23 dec)https://sverigesradio.se/artikel/msb-dalig-cybersakerhet-inom-offentlig-sektor
Misstänkt it-attack mot Härjedalens kommun: ”Alla system påverkade” (24 dec)https://sverigesradio.se/artikel/misstankt-it-attack-mot-harjedalens-kommun-kommunchef-alla-system-paverkade..
Efter cyberattacken: Härjedalens kommun kämpar med att återställa it-systemen (8 jan)https://computersweden.idg.se/2.2683/1.780708/efter-cyberattacken-harjedalens-kommun-kampar-med-att-aterstalla-it-systemen
Varnar: Betala inte hackarnas utpressningar – slår dubbelt (26 dec)https://sverigesradio.se/artikel/varnar-betala-inte-hackarnas-utpressningar-slar-dubbelt
Hackerattack mot parkeringsjätte: Har sannolikt inte avancerat skydd (27 dec)https://www.dn.se/sverige/hackerattack-mot-parkeringsjatte-har-sannolikt-inte-avancerat-skydd
Lockbit ransomware disrupts emergency care at German hospitals (27 dec)https://www.bleepingcomputer.com/news/security/lockbit-ransomware-disrupts-emergency-care-at-german-hospitals
Efter it-attacken i Kalix: ”Kostar tre miljoner mer idag” (28 dec)https://sverigesradio.se/artikel/efter-it-attacken-i-kalix-kostar-tre-miljoner-mer-idag
Top 10 Vulnerabilities That Were Exploited the Most In 2023 (28 dec)https://cybersecuritynews.com/top-10-vulnerabilities-that-were-exploited-the-most-in-2023
WCC hit by ransomware attack (28 dec)https://www.oikoumene.org/news/wcc-hit-by-ransomware-attack..
Kyrkornas världsråd drabbat av cyber-angrepp (28 dec)https://via.tt.se/pressmeddelande/3393640/cyberangrepp-mot-svenska-kyrkan
Cyber-hackers target UK nuclear waste company RWM (31 dec)https://www.theguardian.com/business/2023/dec/31/cyber-hackers-target-uk-nuclear-waste-company-rwm
CERT-SE i veckan
Kritiska sårbarheter i Juniper-produkterhttps://www.cert.se/2024/01/kritiska-sarbarheter-i-juniper-produkter.html
Kritisk sårbarhet i Fortinet-produkterhttps://www.cert.se/2024/01/kritisk-sarbarhet-i-fortinet-produkter.html
Kritiska sårbarheter i Ivanti Connect Secure och Policy Securehttps://www.cert.se/2024/01/kritiska-sarbarheter-i-ivanti-connect-secure-och-policy-secure.html
SAP:s månatliga säkerhetsuppdateringar för januari 2024https://www.cert.se/2024/01/sap-manatliga-sakerhetsuppdateringar-for-januari-2024.html
Microsofts månatliga säkerhetsuppdateringar för januari 2024https://www.cert.se/2024/01/microsofts-manatliga-sakerhetsuppdateringar-for-januari-2024.html
Ivanti rättar kritisk sårbarhet i Ivanti EPMhttps://www.cert.se/2024/01/ivanti-rättar-kritisk-sårbarhet-i-ivanti-epm.html
Kritisk sårbarhet i Apache OfBizhttps://www.cert.se/2023/12/kritisk-sarbarhet-i-apache-ofbiz.html