CERT-SE:s veckobrev v.27

Veckobrev

I veckans rapportering hittar vi bland annat “Samlade förmågor för ökad cybersäkerhet - Betänkande av Utredningen om ett stärkt nationellt cybersäkerhetscenter”.

Vi passar på att redan nu förvarna om att det efter nästa fredags veckobrev blir tre veckors uppehåll i veckobrevspubliceringen.

Trevlig helg önskar CERT-SE!

Nyheter i veckan

FBI warns of Scattered Spider’s expanding attacks on airlines using social engineering (28 jun) https://thehackernews.com/2025/06/fbi-warns-of-scattered-spiders.html

Switzerland says government data stolen in ransomware attack (30 jun) https://www.bleepingcomputer.com/news/security/switzerland-says-government-data-stolen-in-ransomware-attack/

Cyberattack on Radix: Federal Administration data also affected (30 jun) https://www.news.admin.ch/en/newnsb/T5AZeWNEPFGe

Kivra varnar för sms-bedrägerier (30 jun) https://www.svt.se/nyheter/inrikes/kivra-varnar-for-sms-bedragerier

Europol dismantles $540 million cryptocurrency fraud network, arrest five suspects (30 jun) https://thehackernews.com/2025/06/europol-dismantles-540-million.html

U.S. Agencies warn of rising Iranian cyberattacks on defense, OT networks and critical infrastructure (30 jun) https://thehackernews.com/2025/06/us-agencies-warn-of-rising-iranian.html

Norwegian dam valve forced open for hours in cyberattack (30 jun) https://hackread.com/norwegian-dam-valve-forced-open-hours-in-cyberattack/

FBI: Cybercriminals steal health data posing as fraud investigators (30 jun) https://www.bleepingcomputer.com/news/security/fbi-warns-cybercriminals-steal-health-data-posing-as-fraud-investigators

ICC detects and contains new sophisticated cyber security incident (30 jun) https://www.icc-cpi.int/news/icc-detects-and-contains-new-sophisticated-cyber-security-incident

International Criminal Court targeted by new ‘sophisticated attack’ (1 jul) https://therecord.media/international-criminal-court-cyberattack-2025

Australiens största flygbolag hackat – 6 miljoner kunder påverkade (2 jul) https://computersweden.se/article/4016133/australiens-storsta-flygbolag-hackat-6-miljoner-kunder-paverkade.html

Chinese Hackers Target France in Ivanti Zero-Day Exploit Campaign (2 jul) https://www.infosecurity-magazine.com/news/chinese-hackers-france-ivanti

Hackers Exploit ConnectWise ScreenConnect Installers to Deploy Signed Remote Access Malware (2 jul) https://www.cysecurity.news/2025/07/hackers-exploit-connectwise.html

Hunters International ransomware shuts down, releases free decryptors (3 jul) https://www.bleepingcomputer.com/news/security/hunters-international-ransomware-shuts-down-after-world-leaks-rebrand/

EU Launches Plan to Implement Quantum-Secure Infrastructure (4 jul) https://www.infosecurity-magazine.com/news/eu-plan-quantum-secure/

Rapporter och analyser

Teardown: How Scattered Spider hacked a logistics firm (27 jun) https://www.govinfosecurity.com/teardown-how-scattered-spider-hacked-logistics-firm-a-28846

Cisco Talos: Malicious AI models are behind a new wave of cybercrime (28 jun) https://hackread.com/malicious-ai-models-wave-of-cybercrime-cisco-talos/

More than 25% of UK businesses hit by cyber-attack in last year, report finds (30 jun) https://www.theguardian.com/business/2025/jun/30/uk-businesses-hit-by-cyber-attack-last-year-report

DCRAT Impersonating the Colombian Government (1 jul) https://www.fortinet.com/blog/threat-research/dcrat-impersonating-the-columbian-government

New Report Uncovers Major Overlaps in Cybercrime and State-Sponsored Espionage (1 jul) https://www.infosecurity-magazine.com/news/major-overlaps-cybercrime-espionage/

Sovereign by Design: Data Control in a Borderless World (3 jul) https://www.govinfosecurity.com/sovereign-by-design-data-control-in-borderless-world-a-28891

Informationssäkerhet och blandat

CISA: New Guidance Released for Reducing Memory-Related Vulnerabilities (24 jun) https://www.cisa.gov/resources-tools/resources/memory-safe-languages-reducing-vulnerabilities-modern-software-development

‘Your reservation is at risk’: beware the Booking.com scam (29 jun) https://www.theguardian.com/money/2025/jun/29/your-reservation-is-at-risk-beware-the-bookingcom-scam

Bluetooth flaws could let hackers spy through your microphone (29 jun) https://www.bleepingcomputer.com/news/security/bluetooth-flaws-could-let-hackers-spy-through-your-microphone/

Beredskapen för krig stärks vid landets radio- och tv-master (29 jun) https://www.sverigesradio.se/artikel/beredskapen-for-krig-starks-vid-landets-radio-och-tv-master

Denmark moves to protect personal identity from deepfakes with new copyright law (30 jun) https://securityaffairs.com/179464/laws-and-regulations/denmark-moves-to-protect-personal-identity-from-deepfakes-with-new-copyright-law.html

Samlade förmågor för ökad cybersäkerhet - Betänkande av Utredningen om ett stärkt nationellt cybersäkerhetscenter (1 jul) https://regeringen.se/rattsliga-dokument/statens-offentliga-utredningar/2025/07/sou-202579

CVE Program Launches Two New Forums to Enhance CVE Utilization (2 jul) https://www.infosecurity-magazine.com/news/cve-program-new-user-researcher/

CERT-SE i veckan

Sårbarheter i Citrix NetScaler (uppdaterad 30 jun) https://www.cert.se/2025/06/sarbarheter-i-citrix-netscaler.html

Sårbarhet i Wing FTP Server (2 jul) https://www.cert.se/2025/07/sarbarhet-i-wing-ftp-server.html

Kritisk sårbarhet i Cisco Unified CM (3 jul) https://www.cert.se/2025/07/kritisk-sarbarhet-i-cisco-unified-cm.html