CERT-SE:s veckobrev v.42

Inom kort kommer vi att göra vissa justeringar i det veckobrev som skickas ut via e-post från CERT-SE. Om du skulle uppleva något problem med veckobrevet kommande veckor får du gärna höra av dig till cert@cert.se.

Trevlig helg önskar CERT-SE!

Nyheter i veckan

FBI takedown banner appears on BreachForums site as Scattered Spider promotes leak (10 okt) https://therecord.media/breachforums-fbi-france-takedown-banner-scattered-spider-salesforce-leak

Hackers Attacking Remote Desktop Protocol Services from 100,000+ IP Addresses (11 okt) https://cybersecuritynews.com/hackers-attacking-rdp-services/

Känsliga uppgifter om 5 miljoner flygresenärer har läckt ut (13 okt) https://computersweden.se/article/4071518/kansliga-uppgifter-om-5-miljoner-flygresenarer-har-lackt-ut.html

Harvard investigating breach linked to Oracle zero-day exploit (13 okt) https://www.bleepingcomputer.com/news/security/harvard-investigating-breach-linked-to-oracle-zero-day-exploit/

Netherlands invokes special powers against Chinese-owned semiconductor company Nexperia (13 okt) https://therecord.media/netherlands-special-powers-chinese-owned-semiconductor

SonicWall SSLVPN devices compromised using valid credentials (14 okt) https://www.cybersecuritydive.com/news/sonicwall-sslvpn-devices-compromised/802716/

Finansinspektionen varnar för bluff-sms (15 okt) https://sakerhetskollen.se/aktuella-brott/finansinspektionen-varnar-for-bluff-sms

Nation-state hackers breached sensitive F5 systems, stole customer data (15 okt) https://www.cybersecuritydive.com/news/f5-supply-chain-breach-nation-state-cisa/802887/ …
Allvarligt intrång mot säkerhetsföretaget F5 (16 okt) https://computersweden.se/article/4073659/allvarligt-intrang-mot-sakerhetsforetaget-f5.html

Larmföretaget Verisure utsatt för hackerattack (17 okt) https://www.sverigesradio.se/artikel/larmforetaget-verisure-utsatt-for-hackerattack

Rapporter och analyser

The most common malicious email attachments infecting Windows (11 okt) https://www.bleepingcomputer.com/news/security/the-most-common-malicious-email-attachments-infecting-windows/

RealBlindingEDR Tool That Permanently Turns Off AV/EDR Using Kernel Callbacks (13 okt) https://cybersecuritynews.com/realblindingedr-tool/

RMPocalypse: Single 8-Byte Write Shatters AMD’s SEV-SNP Confidential Computing (14 okt) https://thehackernews.com/2025/10/rmpocalypse-single-8-byte-write.html

Pro-Russian Hacktivist Attacking OT/ICS Devices to Steal Login Credentials (14 okt) https://cybersecuritynews.com/pro-russian-hacktivist-attacking-ot-ics-devices/

Chinese hackers abuse geo-mapping tool for year-long persistence (14 okt) https://www.bleepingcomputer.com/news/security/chinese-hackers-abuse-geo-mapping-tool-for-year-long-persistence/

UK: NCSC Reports 130% Spike in “Nationally Significant” Cyber Incidents (14 okt) https://www.infosecurity-magazine.com/news/uk-ncsc-spike-national-cyber/ …
NCSC-UK Annual Review 2025 https://www.ncsc.gov.uk/collection/ncsc-annual-review-2025

TA585 Hackers Uses Unique Web Injection Technique to Deliver MonsterV2 Malware Targeting Windows Systems (14 okt) https://cybersecuritynews.com/ta585-hackers-uses-unique-web-injection-technique/

What AI Reveals About Web Applications — and Why It Matters (14 okt) https://thehackernews.com/2025/10/what-ai-reveals-about-web-applications.html

Cyberattackerna mot svenska organisationer fortsätter öka – offentlig sektor mest utsatt (16 okt) https://itbranschen.com/cyberattacker-svenska-organisationer-okar-kraftigt/

Informationssäkerhet och blandat

Svenska hackinglandslaget sexa i Europas största cybersäkerhetstävling (10 okt) https://www.aktuellsakerhet.se/svenska-hackinglandslaget-sexa-i-europas-storsta-cybersakerhetstavling/

Satellites Are Leaking the World’s Secrets: Calls, Texts, Military and Corporate Data (13 okt) https://www.wired.com/story/satellites-are-leaking-the-worlds-secrets-calls-texts-military-and-corporate-data/

Signal in the noise: what hashtags reveal about hacktivism in 2025 (14 okt) https://securelist.com/dfi-meta-hacktivist-report/117708/

New Android Pixnapping attack steals MFA codes pixel-by-pixel (14 okt) https://www.bleepingcomputer.com/news/security/new-android-pixnapping-attack-steals-mfa-codes-pixel-by-pixel/

Skydda ditt företag – konkreta råd från svenska myndigheter i EU-kampanj (15 okt) https://tidningenkonsulten.se/artiklar/skydda-ditt-foretag-konkreta-rad-fran-svenska-myndigheter-i-eu-kampanj/

MSB beviljar stöd till 25 nya cybersäkerhetsprojekt för att stärka Sveriges digitala leveranskedjor (15 okt) https://www.ncc-se.se/sv/nyheter/msb-beviljar-stod-till-25-nya-cybersakerhetsprojekt-for-att-starka-sveriges-digitala-leveranskedjor

CERT-SE i veckan

Patchtisdag oktober 2025 – samlad information om månadens säkerhetsuppdateringar (15 okt) https://www.cert.se/2025/10/patchtisdag-oktober-2025-samlad-information-om-manadens-sakerhetsuppdateringar.html

Kritiska sårbarheter i F5 Networks-produkter (16 okt) https://www.cert.se/2025/10/kritiska-sarbarheter-i-F5-networks-produkter.html

Kritisk sårbarhet i Adobe Experience Manager (Uppdaterad 16 okt) https://www.cert.se/2025/08/kritisk-sarbarhet-i-adobe-experience-manager.html