CERT-SE:s veckobrev v.26
Så här i semestertider då det kan vara färre medarbetare som ska hantera allt löpande och på många håll finns vikarier på plats, är det bra att påminna om vaksamhet kring nätfiske.
Några råd att dela:
- Använd multifaktorautentisering
- Var vaksam gällande e-post från okända/externa avsändare
- Kontrollera avsändaradressen, inte bara visningsnamn i misstänkt e-post
- Fråga internt en gång extra innan du öppnar oväntade bilagor och länkar
- Rapportera direkt till IT om du misstänker att något är fel
- Följ alltid organisationens riktlinjer för hur du hanterar känslig information
Trevlig helg önskar CERT-SE!
Nyheter i veckan
Aflac says it stopped attack launched by ‘sophisticated cybercrime group’ (20 jun) https://therecord.media/aflac-cyberattack-potential-data-breach
Russian dairy supply disrupted by cyberattack on animal certification system (20 jun) https://therecord.media/russia-dairy-supply-disrupted-cyberattack
Cloudflare blocks record 7.3 Tbps DDoS attack against hosting provider (20 jun) https://www.bleepingcomputer.com/news/security/cloudflare-blocks-record-73-tbps-ddos-attack-against-hosting-provider/
Oxford City Council suffers breach exposing two decades of data (22 jun) https://www.bleepingcomputer.com/news/security/oxford-city-council-suffers-breach-exposing-two-decades-of-data/
Scattered Spider Behind Cyberattacks on M&S and Co-op, Causing Up to $592M in Damages (22 jun) https://thehackernews.com/2025/06/scattered-spider-behind-cyberattacks-on.html
Google Adds Multi-Layered Defenses to Secure GenAI from Prompt Injection Attacks (22 jun) https://thehackernews.com/2025/06/google-adds-multi-layered-defenses-to.html
Thousands of UK government laptops, phones and tablets have been lost or stolen (22 jun) https://www.theguardian.com/technology/2025/jun/22/uk-government-laptops-phones-tablets-lost-stolen-cybersecurity
Steel giant Nucor confirms hackers stole data in recent breach (23 jun) https://www.bleepingcomputer.com/news/security/steel-giant-nucor-confirms-hackers-stole-data-in-recent-breach/
US Homeland Security warns of escalating Iranian cyberattack risks (23 jun) https://www.bleepingcomputer.com/news/security/us-homeland-security-warns-of-escalating-iranian-cyberattack-risks/
Salt Typhoon Targets Telecoms via Router Flaws, Warn FBI and Canada (23 jun) https://hackread.com/salt-typhoon-targets-telecoms-router-flaws-fbi-canada/
Chinese hackers turn unpatched routers into orb spy network (23 jun) https://www.govinfosecurity.com/chinese-hackers-turn-unpatched-routers-into-orb-spy-network-a-28784
French police reportedly arrest suspected BreachForums administrators (25 jun) https://therecord.media/france-breachforums-suspects-arrests
Hackers Using Malicious SonicWall VPN for Credential Theft (25 jun) https://www.govinfosecurity.com/hackers-using-malicious-sonicwall-vpn-for-credential-theft-a-28815
Ransomware attack contributed to patient’s death, says Britain’s NHS (25 jun) https://therecord.media/ransomware-attack-contributed-patient-death-uk-nhs
Brother printer bug in 689 models exposes default admin passwords (26 jun) https://www.bleepingcomputer.com/news/security/brother-printer-bug-in-689-models-exposes-default-admin-passwords/
OneClik Malware Targets Energy Sector Using Microsoft ClickOnce and Golang Backdoors (27 jun) https://thehackernews.com/2025/06/oneclik-malware-targets-energy-sector.html
Critical Open VSX Registry Flaw Exposes Millions of Developers to Supply Chain Attacks (27 jun) https://thehackernews.com/2025/06/critical-open-vsx-registry-flaw-exposes.html
Rapporter och analyser
Same Sea, New Phish (18 jun) https://citizenlab.ca/2025/06/russian-government-linked-social-engineering-targets-app-specific-passwords/
When DNS Fragments, Security Suffers (23 jun) https://www.govinfosecurity.com/when-dns-fragments-security-suffers-a-28780
Dissecting av malcious Havoc example (23 jun) https://www.fortinet.com/blog/threat-research/dissecting-a-malicious-havoc-sample
Lessons from Helsinki: NCSC-Fis role in mitigating a major data breach (24 jun) https://www.infosecurity-magazine.com/news/helsinki-ncscfi-major-data-breach/
Dire Wolf Strikes: New Ransomware Group Targeting Global Sectors (24 jun) https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/dire-wolf-strikes-new-ransomware-group-targeting-global-sectors/
AI Evasion: The Next Frontier of Malware Techniques (25 jun) https://blog.checkpoint.com/artificial-intelligence/ai-evasion-the-next-frontier-of-malware-techniques/
The Hidden Risks of SaaS: Why Built-In Protections Aren’t Enough for Modern Data Resilience (26 jun) https://thehackernews.com/2025/06/the-hidden-risks-of-saas-why-built-in.html
After a hack many firms still say nothing, and that’s a problem (27 jun) https://www.helpnetsecurity.com/2025/06/27/cybersecurity-risk-reduction-breach-transparency/
Informationssäkerhet och blandat
Utlysning från MSB: Bidrag till små och medelstora företag för kapacitetsuppbyggnad inom cybersäkerhet (17 jun) https://ncc-se.msb.se/sv/hitta-finansiering/aktuella-nationella-utlysningar/nationell-utlysning-fstp
SparkKitty Swipes Pics From iOS, Android Devices (23 jun) https://www.darkreading.com/mobile-security/sparkkitty-swipes-pics-ios-android-devices
Varningen: GPS-störningar slår ut navigeringen på Östersjön (25 jun) https://www.sverigesradio.se/artikel/varningen-gps-storningar-slar-ut-navigeringen-pa-ostersjon
NIS2 Technical Implementation Guidance (26 jun) https://www.enisa.europa.eu/publications/nis2-technical-implementation-guidance
Sveriges beredskap mot cyberhot – en nyckelfråga i Almedalen (26 jun) https://it-kanalen.se/sveriges-beredskap-mot-cyberhot-en-nyckelfraga-i-almedalen/
Back in black: Microsoft Blue Screen of Death is going dark (26 jun) https://www.theregister.com/2025/06/26/microsoft_bsod_goes_black/
CERT-SE i veckan
Kritisk sårbarhet i Mattermost (25 jun) https://www.cert.se/2025/06/kritisk-sarbarhet-i-mattermost.html
Sårbarheter i Citrix NetScaler (25 jun) https://www.cert.se/2025/06/sarbarheter-i-citrix-netscaler.html
Kritiska sårbarheter i Cisco ISE (27 jun) https://www.cert.se/2025/06/kritiska-sarbarheter-i-cisco-ise.html