CERT-SE:s veckobrev v.25

Lite kortare veckobrev denna kortvecka. Glad midsommar önskar CERT-SE!

Nyheter i veckan

CISA Order Highlights Persistent Risk at Network Edge (15 jun)
https://krebsonsecurity.com/2023/06/cisa-order-highlights-persistent-risk-at-network-edge/

Microsoft Response to Layer 7 Distributed Denial of Service (DDoS) Attacks (16 jun)
https://msrc.microsoft.com/blog/2023/06/microsoft-response-to-layer-7-distributed-denial-of-service-ddos-attacks/
..
Microsoft bekräftar: ddos-attacker bakom störningar för Azure och Outlook (19 jun)
https://computersweden.idg.se/2.2683/1.779468/microsoft-bekraftar-ddos-attacker-bakom-storningar-for-azure-och-outlook

This new malware is proving quite popular… and dangerous (19 jun)
https://www.techradar.com/news/this-new-malware-is-proving-quite-popular-and-dangerous

Researchers Discover New Sophisticated Toolkit Targeting Apple macOS Systems (19 jun)
https://thehackernews.com/2023/06/researchers-discover-new-sophisticated.html

Moveit hack: attack on BBC and BA offers glimpse into the future of cybercrime (19 jun)
https://theconversation.com/moveit-hack-attack-on-bbc-and-ba-offers-glimpse-into-the-future-of-cybercrime-207670

European Investment Bank hit by cyber attack after Russian hackers vow to bring down financial system (19 jun)
https://www.telegraph.co.uk/business/2023/06/19/european-investment-bank-cyber-attack-russian-hackers/

Ransomware gang preys on cancer centers, triggers alert (20 jun)
https://www.scmagazine.com/news/ransomware/ransomware-cancer-center-alert

Rorschach Ransomware: What You Need to Know (20 jun)
https://www.darkreading.com/attacks-breaches/rorschach-ransomware-what-you-need-to-know

Massive Leak Of ChatGPT Credentials: Over 100,000 Accounts Affected (20 jun)
https://www.searchenginejournal.com/massive-leak-of-chatgpt-credentials-over-100000-accounts-affected/489801/
..
100K+ Infected Devices Leak ChatGPT Accounts to the Dark Web (20 jun)
https://www.darkreading.com/application-security/100k-infected-devices-leak-chatgpt-accounts-dark-web

Informationssäkerhet och blandat

JPL Creates World’s Largest PDF Archive to Aid Malware Research (14 jun)
https://www.jpl.nasa.gov/news/jpl-creates-worlds-largest-pdf-archive-to-aid-malware-research

Food Producers Band Together in Face of Cyber Threats (15 jun)
https://www.wsj.com/articles/food-producers-band-together-in-face-of-cyber-threats-8aa2e3ca

Unpacking RDStealer: An Exfiltration Malware Targeting RDP Workloads (20 jun)
https://www.bitdefender.com/blog/businessinsights/unpacking-rdstealer-an-exfiltration-malware-targeting-rdp-workloads/

Improve Your Security Posture With MANRS (20 jun)
https://www.manrs.org/2023/06/improve-your-security-posture-with-manrs/

CERT-SE i veckan

Apple rättar tre nolldagarssårbarheter

Sårbarhet i VMware Aria Operations Networks exploateras aktivt

Kritisk sårbarhet i Zyxel NAS