CERT-SE's weekly newsletter, week 5

Weekly newsletter

Many reports worth reading in this week's news roundup. Among them are the results of Cybersäkerhetskollen 2024, which MSB has carried out for the third time. We would also like to inform you about our updated PGP key: https://www.cert.se/2025/01/cert-se-pgp-2025.html

CERT-SE wishes you a pleasant weekend!

News this week

British Museum forced to partly close after alleged IT attack by former employee (25 jan) https://www.theguardian.com/culture/2025/jan/24/british-museum-forced-to-partly-close-after-alleged-it-attack-by-former-employee

UnitedHealth updates number of data breach victims to 190 million (25 jan) https://therecord.media/unitedhealth-updates-change-healthcare-data-breach-190-million

Expanding on Cyber Threat Intelligence for Security Monitoring (26 jan) https://www.infernux.no/Expanding-on-CTI

Charging stations to be cyber-secured – must meet new EU rules (27 jan) https://computersweden.se/article/3809631/nu-ska-laddstolpar-cybersakras-maste-klara-nya-eu-regler.html

MintsLoader Delivers StealC Malware and BOINC in Targeted Cyber Attacks (27 jan) https://thehackernews.com/2025/01/mintsloader-delivers-stealc-malware-and.html

New ransomware group Funksec is quickly gaining traction (27 jan) https://www.csoonline.com/article/3810610/new-ransomware-group-funksec-is-quickly-gaining-traction.html

DeepSeek hit with large-scale cyberattack, says it’s limiting registrations (27 jan) https://www.cnbc.com/2025/01/27/deepseek-hit-with-large-scale-cyberattack-says-its-limiting-registrations.html
Wiz Research Uncovers Exposed DeepSeek Database Leaking Sensitive Information, Including Chat History (29 jan) https://www.wiz.io/blog/wiz-research-uncovers-exposed-deepseek-database-leak

Attackers Exploit PDFs in Sophisticated Mishing Attack (28 jan) https://informationsecuritybuzz.com/attackers-exploit-pdfs-mishing-attack

Engineering giant Smiths Group discloses security breach (28 jan) https://www.bleepingcomputer.com/news/security/engineering-giant-smiths-group-discloses-security-breach

Ransomware attack kept major energy industry contractor out of some systems for 6 weeks (28 jan) https://therecord.media/englobal-ransomware-attack-six-weeks-disruption

Mirai Variant ‘Aquabot’ Exploits Mitel Device Flaws (29 jan) https://www.darkreading.com/endpoint-security/mirai-variant-aquabot-exploits-mitel-phone-flaws

7 Ransomware Predictions for 2025: From AI Threats to New Strategies (29 jan) https://securityboulevard.com/2025/01/7-ransomware-predictions-for-2025-from-ai-threats-to-new-strategies

Google’s Subdomain ‘g.co’ Hacked – A Tricky Phone Call Lets Hackers Access Your Google Account Remotely (30 jan) https://cybersecuritynews.com/googles-subdomain-g-co-hacked

Law enforcement takes down two largest cybercrime forums in the world (30 jan) https://www.europol.europa.eu/media-press/newsroom/news/law-enforcement-takes-down-two-largest-cybercrime-forums-in-world

Ransomware Attack Disrupts Blood Donation Services in US (30 jan) https://www.infosecurity-magazine.com/news/ransomware-blood-donation-services

The region is subjected to cyberattacks – every day (30 jan) https://www.mitti.se/nyheter/regionen-utsatts-for-cyberattacker--varje-dag-6.19.270289.fd3e629461

New military cyber force to defend the financial sector (31 jan) https://www.dn.se/sverige/ny-militar-cyberstyrka-ska-forsvara-finansbranschen

Reports and analyses

Exploring Q4 2024 Brand Phishing Trends: Microsoft Remains the Top Target as LinkedIn Makes a Comeback (22 jan) https://blog.checkpoint.com/research/exploring-q4-2024-brand-phishing-trends-microsoft-remains-the-top-target-as-linkedin-makes-a-comeback

HellCat and Morpheus | Two Brands, One Payload as Ransomware Affiliates Drop Identical Code (23 jan) https://www.sentinelone.com/blog/hellcat-and-morpheus-two-brands-one-payload-as-ransomware-affiliates-drop-identical-code

No Honour Among Thieves: Uncovering a Trojanized XWorm RAT Builder Propagated by Threat Actors and Disrupting Its Operations (24 jan) https://www.cloudsek.com/blog/no-honour-among-thieves-uncovering-a-trojanized-xworm-rat-builder-propagated-by-threat-actors-and-disrupting-its-operations

Cobalt Strike and a Pair of SOCKS Lead to LockBit Ransomware (27 jan) https://thedfirreport.com/2025/01/27/cobalt-strike-and-a-pair-of-socks-lead-to-lockbit-ransomware

Technical Analysis of Xloader Versions 6 and 7 | Part 1 (27 jan) https://www.zscaler.com/blogs/security-research/technical-analysis-xloader-versions-6-and-7-part-1

2024 Global Threat Roundup Report (27 jan) https://www.forescout.com/resources/2024-global-threat-roundup-report

Cybersecurity Stop of the Month: E-Signature Phishing Nearly Sparks Disaster for an Electric Company (27 jan) https://www.proofpoint.com/us/blog/email-and-cloud-threats/esignature-phishing-attack-near-crisis-at-electric-company

New TorNet backdoor seen in widespread campaign (28 jan) https://blog.talosintelligence.com/new-tornet-backdoor-campaign

Cat’s out of the bag: Lynx Ransomware-as-a-Service (28 jan) https://www.group-ib.com/blog/cat-s-out-of-the-bag-lynx-ransomware

A method to assess ‘forgivable’ vs ‘unforgivable’ vulnerabilities (28 jan) https://www.ncsc.gov.uk/report/a-method-to-assess-forgivable-vs-unforgivable-vulnerabilities

Lumma Stealer’s GitHub-Based Delivery Explored via Managed Detection and Response (30 jan) https://www.trendmicro.com/en_se/research/25/a/lumma-stealers-github-based-delivery-via-mdr.html

Talos IR trends Q4 2024: Web shell usage and exploitation of public-facing applications spike (30 jan) https://blog.talosintelligence.com/talos-ir-trends-q4-2024

Six out of ten organisations have serious shortcomings in their security work (31 jan) https://www.msb.se/sv/aktuellt/nyheter/2025/januari/sex-av-tio-organisationer-har-allvarliga-brister-i-sitt-sakerhetsarbete

Information security and miscellaneous

IMY hands over report on privacy and new technology to the government (28 jan) https://www.imy.se/nyheter/imy-lamnar-over-rapport-om-integritet-och-ny-teknik-till-regeringen

Preserving integrity in the age of generative AI (29 jan) https://www.ncsc.gov.uk/blog-post/preserving-integrity-in-age-generative-ai

Fewer get jobs – so the higher vocational education system cuts back on IT programmes (31 jan) https://computersweden.se/article/3813231/farre-far-jobb-da-drar-yrkeshogskolan-ner-pa-it-utbildningar.html

CERT-SE this week

CERT-SE's PGP key 2025 (30 jan) https://www.cert.se/2025/01/cert-se-pgp-2025.html

Apple fixes a zero-day vulnerability (28 jan) https://www.cert.se/2025/01/apple-rattar-en-nolldagssarbarhet.html

Critical vulnerability in SonicWall SonicOS (updated 24 jan) https://www.cert.se/2025/01/kritisk-sarbarhet-i-sonicwall-sonicos.html

Critical vulnerability in SonicWall (24 jan) https://www.cert.se/2025/01/kritisk-sarbarhet-i-AMC-och-CMC-sonicwall.html