CERT-SE's weekly newsletter, week 3
This week CERT-SE has published several articles about various vulnerabilities, among which we particularly want to highlight the vulnerabilities in Ivanti Connect and Ivanti Policy Secure, both of which are being actively exploited.
News this week
Malicious code on Github increasingly common (15 Jan) https://computersweden.idg.se/2.2683/1.780757/github-skadlig-kod
Coop Värmland: Hundreds of thousands of members' data on the darknet (16 Jan) https://sverigesradio.se/artikel/coop-varmland-bekraftar-medlemslacka-ror-over-hundratusen-medlemmar
Government, Military Targeted as Widespread Exploitation of Ivanti Zero-Days Begins (16 Jan) https://www.securityweek.com/governments-military-targeted-as-widespread-exploitation-of-ivanti-zero-days-begins/
Known Indicators of Compromise Associated with Androxgh0st Malware (16 Jan) https://www.cisa.gov/sites/default/files/2024-01/aa24-016a-known-indicators-of-compromise-associated-with-adroxgh0st-malware.pdf
SMTP end-of-data uncertainty can be abused to spoof emails and bypass policies (16 Jan) https://kb.cert.org/vuls/id/302671
The rescue service switches to backup systems – hit by cyberattack (18 Jan) https://sverigesradio.se/artikel/raddningstjansten-gar-pa-reservsystem-utsatta-for-cyberattack
MSB: How IT attacks can be prevented (19 Jan) https://sverigesradio.se/artikel/msb-sa-kan-it-attacker-forebyggas
Check your Chrome browser now or all of your passwords could soon be exposed (19 Jan) https://www.mirror.co.uk/tech/google-chrome-browser-update-alert-31918054
Information security and miscellaneous
Simpler cyberattacks cause availability problems https://www.msb.se/sv/aktuellt/nyheter/2024/januari/enklare-cyberangrepp-orsakar-tillganglighetsproblem/
Cyberattacks against critical societal information systems: 25 recommendations for stronger protection against cyberattacks https://www.msb.se/sv/publikationer/cyberangrepp-mot-samhallsviktiga-informationssystem--25-rekommendationer-for-starkt-skydd-mot-cyberangrepp/
Code Written with AI Assistants Is Less Secure (17 Jan) https://www.schneier.com/blog/archives/2024/01/code-written-with-ai-assistants-is-less-secure.html
GCHQ Celebrates 80 Years of Colossus https://www.gchq.gov.uk/news/colossus-80
Inside the Massive Naz.API Credential Stuffing List (18 Jan) https://www.troyhunt.com/inside-the-massive-naz-api-credential-stuffing-list/
Toronto Public Library service nears return months after cyberattack (18 Jan) https://globalnews.ca/news/10236528/toronto-library-hack-back-online-soon/
70 million account credentials were leaked in a massive password dump (18 Jan) https://www.ghacks.net/2024/01/18/70-million-account-credentials-were-leaked-in-a-massive-password-dump/
81 percent of security pros say phishing is the top threat (19 Jan) https://betanews.com/2024/01/19/81-percent-of-security-pros-say-phishing-is-the-top-threat/
10 must-have security tips for digital nomads (19 Jan) https://www.computerworld.com/article/3712126/10-must-have-security-tips-for-digital-nomads.html
Kansas Court System Seeks $2.6M to Recover from Cyberattack (19 Jan) https://www.insurancejournal.com/news/midwest/2024/01/19/756287.htm
Orange Spain Outage: BGP Traffic Hijacked by Threat Actor (19 Jan) https://securityboulevard.com/2024/01/orange-spain-outage-bgp-traffic-hijacked-by-threat-actor/
Security pros are being hospitalized by after-effects of ransomware hacks (19 Jan) https://www.techradar.com/pro/security-pros-are-being-hospitalized-by-after-effects-of-ransomware-hacks
CERT-SE this week
Critical vulnerabilities in Ivanti Connect Secure and Policy Secure https://www.cert.se/2024/01/kritiska-sarbarheter-i-ivanti-connect-secure-och-policy-secure.html
Critical vulnerability in Citrix Netscaler ADC and Netscaler Gateway https://www.cert.se/2024/01/kritisk-sarbarhet-i-citrix-netscaler-adc-och-netscaler-gateway.html
Critical vulnerability in VMware products https://www.cert.se/2024/01/kritisk-sarbarhet-i-vmware-produkter.html
Critical vulnerabilities in Confluence products https://www.cert.se/2024/01/kritiska-sarbarheter-i-confluence-produkter.html
Critical vulnerabilities in Gitlab https://www.cert.se/2024/01/kritiska-sarbarheter-i-gitlab.html