CERT-SE's weekly newsletter, week 39

Weekly newsletter

This week's reading includes a number of reports and analyses, for example CISA's lessons learned from incident response.

CERT-SE wishes you a pleasant weekend!

News this week

Cyberattack Disrupts Airport Check-In Systems Across Europe (20 sep) https://hackread.com/cyberattack-disrupts-airport-check-in-systems-europe/
European Airport Cyberattack Linked to Obscure Ransomware, Suspect Arrested (24 sep) https://www.securityweek.com/european-airport-cyberattack-linked-to-obscure-ransomware-suspect-arrested/

Stellantis, the Maker of Citroën, FIAT, Jeep, and Other Cars, Confirms Data Breach (22 sep) https://cybersecuritynews.com/stellantis-data-breach/

GitHub moves to tighten npm security amid phishing, malware plague (23 sep) https://www.theregister.com/2025/09/23/github_npm_registry_security/

22.2 Tbps DDoS Attack Breaks Internet With New World Record (23 sep) https://cybersecuritynews.com/ddos-attack-world-record/

Freja ID warns of scam SMS messages (24 sep) https://sakerhetskollen.se/aktuella-brott/freja-id-varnar-for-bluff-sms

Brickstorm malware powering ‘next-level’ Chinese cyberespionage campaign (24 sep) https://cyberscoop.com/chinese-cyberespionage-campaign-brickstorm-mandiant-google/

USD 439 million recovered in global financial crime operation (24 sep) https://www.interpol.int/News-and-Events/News/2025/USD-439-million-recovered-in-global-financial-crime-operation

New LockBit 5.0 Ransomware Variant Attacking Windows, Linux, and ESXi Systems (25 sep) https://cybersecuritynews.com/new-lockbit-5-0-ransomware-variant/

CISA orders agencies to patch Cisco flaws exploited in zero-day attacks (25 sep) https://www.bleepingcomputer.com/news/security/cisa-orders-agencies-to-patch-cisco-flaws-exploited-in-zero-day-attacks/

Reports and analyses

Phishing Attacks Using AI-Powered Platforms to Mislead Users and Evade Security Tools (19 sep) https://cybersecuritynews.com/phishing-attacks-using-ai-powered-platforms/

ShadowLeak Zero-Click Flaw Leaks Gmail Data via OpenAI ChatGPT Deep Research Agent (20 sep) https://thehackernews.com/2025/09/shadowleak-zero-click-flaw-leaks-gmail.html

Nimbus Manticore Deploys New Malware Targeting Europe (22 sep) https://research.checkpoint.com/2025/nimbus-manticore-deploys-new-malware-targeting-europe/

Technical Analysis of Zloader Updates (22 sep) https://www.zscaler.com/blogs/security-research/technical-analysis-zloader-updates

Lucid PhaaS With 17,500 Phishing Domains Mimics 316 Brands From 74 Countries (22 sep) https://cybersecuritynews.com/lucid-phaas-with-17500-phishing-domains/

Gartner Survey Reveals GenAI Attacks Are on the Rise (22 sep) https://www.gartner.com/en/newsroom/press-releases/2025-09-22-gartner-survey-reveals-generative-artificial-intelligence-attacks-are-on-the-rise

CISA Shares Lessons Learned from an Incident Response Engagement (23 sep) https://www.cisa.gov/news-events/cybersecurity-advisories/aa25-266a

Attacker Breakout Time Falls to 18 Minutes (23 sep) https://www.infosecurity-magazine.com/news/attacker-breakout-time-falls-18/

Hackers Can Compromise Chromium Browsers in Windows by Loading Arbitrary Extensions (24 sep) https://cybersecuritynews.com/chromium-browsers-windows-arbitrary-extensions/

Gcore Radar Report Reveals 41% Surge in DDoS Attack Volumes (25 sep) https://hackread.com/gcore-radar-report-reveals-41-surge-in-ddos-attack-volumes/

APT Group Uses ClickFix To Deliver a New PowerShell-Based Backdoor (25 sep) https://cybersecuritynews.com/coldriver-apt-group-uses-clickfix/

Predicting DDoS attacks: How deep learning could give defenders an early warning (25 sep) https://www.helpnetsecurity.com/2025/09/25/deep-learning-predicting-ddos-attacks/

Information security and miscellaneous

Intelligence service launches dark web site to recruit spies (19 sep) https://computersweden.se/article/4060134/underrattelsetjanst-startar-sajt-pa-dark-web-for-att-rekrytera-spioner.html

Fifty Years of Open Source Software Supply-Chain Security (19 sep) https://cacm.acm.org/practice/fifty-years-of-open-source-software-supply-chain-security/

Russia steps up disinformation efforts to sway Moldova’s parliamentary vote (22 sep) https://therecord.media/russia-steps-disinfo-moldova-election

An end to the cookie chaos? The European Commission wants to simplify the cookie law (22 sep) https://computersweden.se/article/4060830/slut-pa-cookie-kaoset-eu-kommissionen-vill-forenkla-kaklagen.html

Criminals are driving fake cell towers through cities to blast out scam texts (23 sep) https://www.techspot.com/news/109575-criminals-driving-fake-cell-towers-through-cities-blast.html

A Massive Telecom Threat Was Stopped Right As World Leaders Gathered at UN Headquarters in New York (24 sep) https://www.securityweek.com/a-massive-telecom-threat-was-stopped-right-as-world-leaders-gathered-at-un-headquarters-in-new-york/

CERT-SE this week

Mailing from CERT-SE regarding updating of contact details (23 sep) https://www.cert.se/2025/09/utskick-fran-cert-se-gallande-uppdatering-av-kontaktuppgifter.html

Critical vulnerabilities in Cisco Secure Firewall ASA and Secure FTD (26 sep) https://www.cert.se/2025/09/kritiska-sarbarheter-i-cisco-secure-firewall-asa-och-secure-ftd.html