VECKOBREV
Under veckan har en sårbarhet i VPN-produkter från Check Points uppmärksammats. Sårbarheten utnyttjas aktivt och att genomföra en exploatering är relativt enkelt. CERT-SE vill därför trycka på vikten att snarast möjligt uppdatera och vidta andra åtgärder. Se vidare: http://www.cert.se/2024/05/nolldagssarbarhet-i-vpn-produkter-fran-check-point.html
Nyheter i veckan
CVE-2024-4978: Backdoored Justice AV Solutions Viewer Software Used in Apparent Supply Chain Attack (23 maj)https://www.rapid7.com/blog/post/2024/05/23/cve-2024-4978-backdoored-justice-av-solutions-viewer-software-used-in-apparent-supply-chain-attack/
Lantmäteriet begränsar tillgången till viss information i ett antal digitala tjänster på grund av säkerhetsskäl (24 maj)https://www.lantmateriet.se/sv/om-lantmateriet/press/nyheter/lantmateriet-begransar-tillgangen-till-viss-information-i-ett-antal-digitala-tjanster-pa-grund-av-sakerhetsskal
Potent youth cybercrime ring made up of 1,000 people, FBI official says (24 maj)https://cyberscoop.com/potent-youth-cybercrime-ring-made-up-of-1000-people-fbi-official-says
Hackers phish finance orgs using trojanized Minesweeper clone (26 maj)https://www.bleepingcomputer.com/news/security/hackers-phish-finance-orgs-using-trojanized-minesweeper-clone/
Popular recording software used in courtrooms infected by password-stealing backdoor (27 maj)https://www.techspot.com/news/103151-popular-recording-software-used-courtrooms-infected-password-stealing.html
Police arrest man after computer viruses created by misusing AI (28 maj)https://www.asahi.com/ajw/articles/15283413
Researchers Warn of CatDDoS Botnet and DNSBomb DDoS Attack Technique (28 maj)https://thehackernews.com/2024/05/researchers-warn-of-catddos-botnet-and.html
Treasury Sanctions Creators of 911 S5 Proxy Botnet (28 maj)https://krebsonsecurity.com/2024/05/treasury-sanctions-creators-of-911-s5-proxy-botnet/
Data breach exposes details of 25,000 current and former BBC employees (29 maj)https://www.theguardian.com/media/article/2024/may/29/data-breach-exposes-details-of-25000-current-and-former-bbc-employees
Hackare uppger: Har stulit data från Ticketmaster (29 maj)https://www.svt.se/nyheter/utrikes/hackare-uppger-har-stulit-data-fran-ticketmaster..
It-experten: Dataintrång på biljettjätten kan stämma (29 maj)https://sverigesradio.se/artikel/it-experten-dataintrang-pa-biljettjatten-kan-stamma
Cybercriminals Abuse Stack Overflow to Promote Malicious Python Package (30 maj)https://thehackernews.com/2024/05/cybercriminals-abuse-stackoverflow-to.html
Operation Endgame (30 maj)https://www.troyhunt.com/operation-endgame/..
Largest ever operation against botnets hits dropper malware ecosystem (30 maj)https://www.europol.europa.eu/media-press/newsroom/news/largest-ever-operation-against-botnets-hits-dropper-malware-ecosystem
Rapporter och analyser
Rapport: Var fjärde företag har aldrig testat sin säkerhetsplan (27 maj)https://www.voister.se/artikel/2024/05/rapport-var-fjarde-foretag-har-aldrig-testat-sin-sakerhetsplan..
The CIO report: Leading your business through cyber riskhttps://assets.barracuda.com/assets/docs/dms/barracuda-cyber-resilience-report.pdf
Svenska it-säkerhetschefer ser generativ AI som en stor risk (27 maj)https://computersweden.se/article/2115778/svenska-it-sakerhetschefer-ser-generativ-ai-som-en-stor-risk.html..
2024 Voice of the CISOhttps://www.proofpoint.com/us/resources/white-papers/voice-of-the-ciso-report
Din bil riskerar att bli hackad – om den inte redan är det (27 maj)https://www.his.se/nyheter/2024/maj/din-bil-riskerar-att-bli-hackad–om-den-inte-redan-ar-det
Europe’s cybersecurity chief says disruptive attacks have doubled in 2024, sees Russia behind many (29 maj)https://apnews.com/article/europe-election-cybersecurity-russia-ukraine-5b0cca725d17a028dd458df77a60440c
Informationssäkerhet och blandat
Scientists Have Discovered A New Way To Count (And It’s Actually Really Important) (22 maj)https://www.iflscience.com/scientists-have-discovered-a-new-way-to-count-and-its-actually-really-important-74327
Så hanterade Vellinge vinterns cyberattack (27 maj)https://www.voister.se/artikel/2024/05/sa-hanterade-vellinge-vinterns-cyberattack
EU Is Tightening Cybersecurity for Energy Providers (29 maj)https://www.tripwire.com/state-of-security/eu-tightening-cybersecurity-energy-providers
CERT-SE i veckan
Nolldagssårbarhet i VPN-produkter från Check Point (29 maj)https://www.cert.se/2024/05/nolldagssarbarhet-i-vpn-produkter-fran-check-point.html