CERT-SE's weekly newsletter, week 22
This week brought news of Sweden's new digitalisation strategy for 2025–2030, which sets the direction for the government's digitalisation policy.
CERT-SE wishes you a nice weekend!
News this week
Mysterious Database of 184 Million Records Exposes Vast Array of Login Credentials (22 May) https://www.wired.com/story/mysterious-database-logins-governments-social-media/
Feds Charge 16 Russians Allegedly Tied to Botnets Used in Ransomware, Cyberattacks, and Spying (22 May) https://www.wired.com/story/us-charges-16-russians-danabot-malware/
Looks like Google – but it's a trap (25 May) https://www.msn.com/sv-se/nyheter/other/ser-ut-som-google-men-%C3%A4r-en-f%C3%A4lla/ar-AA1Fr6y4
Bank-id and Swish's dominance questioned after disruption attacks (25 May) https://www.svt.se/nyheter/ekonomi/bank-id-och-swishs-dominans-ifragasatts-efter-storningsattacker
Nova Scotia Power Confirms Ransomware Attack, 280k Notified of Data Breach (26 May) https://www.securityweek.com/nova-scotia-power-confirms-ransomware-attack-280k-notified-of-data-breach/
Street-Level QR Phishing: Cybercriminals Take Social Engineering to the Real World (26 May) https://cybersecuritynews.com/street-level-qr-phishing/
Adidas says customer data stolen in cyber attack (27 May) https://www.bbc.com/news/articles/c071m82v80po
AIVD and MIVD identify new Russian cyber threat actor (27 May) https://www.aivd.nl/documenten/publicaties/2025/05/27/aivd-en-mivd-onderkennen-nieuwe-russische-cyberactor
Russian Hackers Breach 20+ NGOs Using Evilginx Phishing via Fake Microsoft Entra Pages (27 May) https://thehackernews.com/2025/05/russian-hackers-breach-20-ngos-using.html
Increased security requirements put pressure on Nordic IT managers (27 May) https://computersweden.se/article/3995776/okade-sakerhetskrav-pressar-nordiska-it-chefer.html
Apple Blocks $9 Billion in Fraud Over 5 Years Amid Rising App Store Threats (28 May) https://thehackernews.com/2025/05/apple-blocks-9-billion-in-fraud-over-5.html
GitHub becomes go-to platform for malware delivery across Europe (28 May) https://www.helpnetsecurity.com/2025/05/28/attackers-phishing-method-europe/
EU stands in solidarity with Czech Republic after cyberattack blamed on China (28 May) https://www.reuters.com/world/china/eu-stands-solidarity-with-czech-republic-after-cyberattack-blamed-china-2025-05-28/
OneDrive Gives Web Apps Full Read Access to All Files (28 May) https://www.securityweek.com/onedrive-gives-web-apps-full-read-access-to-all-files/
NATO floats cybersecurity to be included in new spending target (28 May) https://economictimes.indiatimes.com/tech/technology/nato-floats-cybersecurity-to-be-included-in-new-spending-target/articleshow/121464750.cms
New PumaBot Botnet Targets Linux IoT Devices to Steal SSH Credentials and Mine Crypto (28 May) https://thehackernews.com/2025/05/new-pumabot-botnet-targets-linux-iot.html
Hackers Allegedly Claim AT&T Data Leak – 31M Records Exposed (28 May) https://cybersecuritynews.com/hackers-allegedly-claim-att-data-leak/
Sweden's digitalisation strategy 2025–2030 (28 May) https://regeringen.se/rapporter/2025/05/sveriges-digitaliseringsstrategi-20252030/
Sweden's new digitalisation strategy presented – and a cloud policy is on the way (28 May) https://computersweden.se/article/3997001/sveriges-nya-digitaliseringsstrategi-presenterad-och-en-molnpolicy-ar-pa-gang.html
Energi-CERT to help energy companies with cybersecurity (28 May) https://www.energi.se/artiklar/2025/maj-2025/energi-cert-ska-hjalpa-energiforetag-med-cybersakerhet
NHS trusts’ data ‘stolen’ in cyberattack (28 May) https://news.sky.com/story/nhs-trusts-data-stolen-in-cyberattack-13372770
Thousands of ASUS Routers Hit by Persistent Backdoor (29 May) https://www.govinfosecurity.com/thousands-asus-routers-hit-by-persistent-backdoor-a-28539
New Windows RAT Evades Detection for Weeks Using Corrupted DOS and PE Headers (29 May) https://thehackernews.com/2025/05/new-windows-rat-evades-detection-for.html
Exchange 2016, 2019 support ends soon: What IT should do to stay secure (30 May) https://www.helpnetsecurity.com/2025/05/30/exchange-server-2016-2019-end-of-support/
Meta Disrupts Influence Ops Targeting Romania, Azerbaijan, and Taiwan with Fake Personas (30 May) https://thehackernews.com/2025/05/meta-disrupts-influence-ops-targeting.html
Reports and analyses
China-Nexus Threat Actor Actively Exploiting Ivanti Endpoint Manager Mobile (CVE-2025-4428) Vulnerability (21 May) https://blog.eclecticiq.com/china-nexus-threat-actor-actively-exploiting-ivanti-endpoint-manager-mobile-cve-2025-4428-vulnerability
Silent Ransom Group Targeting Law Firms (23 May) https://www.ic3.gov/CSA/2025/250523.pdf
Information security and miscellaneous
Lumma Infostealer – Down but Not Out? (29 May) https://blog.checkpoint.com/security/lumma-infostealer-down-but-not-out/
Joint Cybersecurity Information: AI Data Security - Best Practices for Securing Data Used to Train & Operate AI Systems https://media.defense.gov/2025/May/22/2003720601/-1/-1/0/CSI_AI_DATA_SECURITY.PDF
CERT-SE this week
Vulnerabilities in Ivanti EPMM (published 15 May, updated 28 May) https://www.cert.se/2025/05/sarbarheter-i-ivanti-epmm.html