CERT-SE's weekly newsletter, week 45

Weekly newsletter

This week's reading includes, among other things, an article with updated advice from us on preventive work and incident handling to counter information theft and extortion attacks.

CERT-SE wishes you a pleasant weekend!

News this week

CISA: High-severity Linux flaw now exploited by ransomware gangs (31 Oct) https://www.bleepingcomputer.com/news/security/cisa-linux-privilege-escalation-flaw-now-exploited-in-ransomware-attacks/

Poland hit by another major cyberattack as hackers steal users’ data from loan platform (2 Nov) https://www.polskieradio.pl/395/7786/Artykul/3602083

Kulturrådet (the Swedish Arts Council) hit by data breach – investigation ongoing (3 Nov) https://www.dn.se/kultur/kulturradet-drabbat-av-dataintrang-utredning-pagar/

European diplomats attacked via Windows zero-day vulnerability (4 Nov) https://cybernews.com/cybercrime/european-diplomats-attacked-windows-zero-day-vulnerability/

Backdoor exploits OpenAI's API as a command channel (4 Nov) https://computersweden.se/article/4084104/bakdorr-utnyttjar-open-ais-api-som-kommandokanal.html
Microsoft: SesameOp malware abuses OpenAI Assistants API in attacks (4 Nov) https://www.bleepingcomputer.com/news/security/microsoft-sesameop-malware-abuses-openai-assistants-api-in-attacks/

China-Linked Hackers Target Cisco Firewalls in Global Campaign (4 Nov) https://hackread.com/china-hackers-target-cisco-firewalls/

Reports and analyses

Beating XLoader at Speed: Generative AI as a Force Multiplier for Reverse Engineering (3 Nov) https://research.checkpoint.com/2025/generative-ai-for-reverse-engineering/

Remote access, real cargo: cybercriminals targeting trucking and logistics (3 Nov) https://www.proofpoint.com/us/blog/threat-insight/remote-access-real-cargo-cybercriminals-targeting-trucking-and-logistics

Exploiting Microsoft Teams: Impersonation and Spoofing Vulnerabilities Exposed (4 Nov) https://research.checkpoint.com/2025/microsoft-teams-impersonation-and-spoofing-vulnerabilities-exposed/

Operation SkyCloak Deploys Tor-Enabled OpenSSH Backdoor Targeting Defense Sectors (4 Nov) https://thehackernews.com/2025/11/operation-skycloak-deploys-tor-enabled.html

Google warns of new AI-powered malware families deployed in the wild (5 Nov) https://www.bleepingcomputer.com/news/security/google-warns-of-new-ai-powered-malware-families-deployed-in-the-wild/

Ransomware Attack on European Organizations Surge (6 Nov) https://cybersecuritynews.com/ransomware-attack-on-european-organizations-surge-as-hackers/

Clop Ransomware Actors Exploiting the Latest 0-Day Exploits in the Wild (6 Nov) https://cybersecuritynews.com/clop-ransomware-actors/

ENISA Sectorial Threat Landscape - Public Administration (6 Nov) https://www.enisa.europa.eu/publications/enisa-sectorial-threat-landscape-public-administration

Denial-of-service attacks may affect the availability of financial services (6 Nov) https://www.riksbank.se/sv/press-och-publicerat/nyheter-och-pressmeddelanden/nyheter/2025/overbelastningsattacker-kan-paverka-tillgangligheten-till-finansiella-tjanster/

How a ransomware gang encrypted Nevada government’s systems (7 Nov) https://www.bleepingcomputer.com/news/security/how-a-ransomware-gang-encrypted-nevada-governments-systems/

Information security and miscellaneous

Sweden's cybersecurity to be measured (31 Oct) https://www.regeringen.se/pressmeddelanden/2025/10/sveriges-cybersakerhet-ska-matas/

Integritetsskyddsmyndigheten (the Swedish Authority for Privacy Protection) opens review after the Miljödata leak (3 Nov) https://www.svt.se/nyheter/inrikes/integritetsmyndigheten-inleder-granskning-efter-miljodata-lackan

Hackers are attacking Britain’s drinking water suppliers (3 Nov) https://therecord.media/britain-water-supply-cybersecurity-incident-reports-dwi-nis

Risk of remotely controlled buses investigated in Blekinge – after alert from Norway (5 Nov) https://www.sverigesradio.se/artikel/blekinge-undersoker-risk-for-fjarrstyrda-bussar-efter-larm-fran-norge

Learn lessons from the AWS outage (5 Nov) https://computersweden.se/article/4083881/lardomar-fran-avbrottet-hos-aws-atgarder-och-resurser.html

You’ll never guess what the most common passwords are. Oh, wait, yes you will (6 Nov) https://www.theregister.com/2025/11/06/most_common_passwords/?td=rt-3a

CERT-SE this week

Serious vulnerability in MOVEit Transfer platform (3 Nov) https://www.cert.se/2025/11/allvarlig-sarbarhet-i-moveit-transfer-platform.html

Multiple vulnerabilities in VMware (Updated 3 Nov) https://www.cert.se/2025/10/flera-sarbarheter-i-vmware.html

Critical vulnerabilities in Cisco Unified CCX (6 Nov) https://www.cert.se/2025/11/kritiska-sarbarheter-i-cisco-unified-contact-center-express.html

Prevent and handle extortion attacks (7 Nov) https://www.cert.se/2025/11/rad-for-att-hantera-och-forebygga-utpressningsangrepp.html