CERT-SE's weekly newsletter, week 51
This week's newsletter consists, as usual, of news, reports and analyses, but also a small Christmas greeting:
This weekly newsletter is the last of the year,
We will send the next one in week 2 to our newsletter mailing list.
In 2026 we will keep building resilience,
In Sweden, systems shall be patched and secure.
No threat actor shall be able to breach our walls,
Systematic cybersecurity work fools them.
We hope you get a lovely holiday, porridge and glögg,
CERT-SE wishes you a very merry Christmas and a happy new year!
News this week
React2Shell Exploitation Escalates into Large-Scale Global Attacks, Forcing Emergency Mitigation (12 dec)
https://thehackernews.com/2025/12/react2shell-exploitation-escalates-into.html
…
Google links more Chinese hacking groups to React2Shell attacks (15 dec)
https://www.bleepingcomputer.com/news/security/google-links-more-chinese-hacking-groups-to-react2shell-attacks/
…
React2Shell Vulnerability Actively Exploited to Deploy Linux Backdoors (16 dec)
https://thehackernews.com/2025/12/react2shell-vulnerability-actively.html
Apple Patches More Zero-Days Used in ‘Sophisticated’ Attack (15 dec) https://www.darkreading.com/vulnerabilities-threats/apple-patches-more-zero-days-sophisticated-attack
French Interior Ministry confirms cyberattack on email servers (15 dec) https://www.bleepingcomputer.com/news/security/france-interior-ministry-confirms-cyberattack-on-email-servers/
Nearly 20 million affected by Prosper, 700Credit data breaches (15 dec) https://therecord.media/data-breaches-affecting-20-million-prosper-700credit
Fortinet FortiGate Under Active Attack Through SAML SSO Authentication Bypass (16 dec) https://thehackernews.com/2025/12/fortinet-fortigate-under-active-attack.html
Cisco says Chinese hackers are exploiting its customers with a new zero-day (17 dec) https://techcrunch.com/2025/12/17/cisco-says-chinese-hackers-are-exploiting-its-customers-with-a-new-zero-day/
Reports and analyses
Amazon Threat Intelligence identifies Russian cyber threat group targeting Western critical infrastructure (15 dec) https://aws.amazon.com/blogs/security/amazon-threat-intelligence-identifies-russian-cyber-threat-group-targeting-western-critical-infrastructure/
SantaStealer Attacks Users to Exfiltrates Sensitive Documents, Credentials, and Wallet Data (16 dec) https://cybersecuritynews.com/santastealer-attacks-users/
Inside Ink Dragon: Revealing the Relay Network and Inner Workings of a Stealthy Offensive Operation (16 dec) https://research.checkpoint.com/2025/ink-dragons-relay-network-and-offensive-operation/
Kimwolf Botnet Hijacks 1.8 Million Android TVs, Launches Large-Scale DDoS Attacks (17 dec) https://thehackernews.com/2025/12/kimwolf-botnet-hijacks-18-million.html
Microsoft Digital Defense Report 2025 (17 dec) https://www.microsoft.com/en-us/security/security-insider/threat-landscape/microsoft-digital-defense-report-2025
Information security and miscellaneous
Germany summons Russian ambassador over cyberattack, election disinformation (12 dec) https://therecord.media/germany-summons-russian-ambassador-cyberattack-disinformation
Every other Swedish workplace lacks cybersecurity training (12 dec) https://computersweden.se/article/4105641/varannan-svensk-arbetsplats-saknar-utbildning-i-cybersakerhet.html
The Government issues a new cybersecurity act (15 dec) https://www.regeringen.se/pressmeddelanden/2025/12/regeringen-utfardar-en-ny-cybersakerhetslag/
New wave of phishing hides behind Microsoft Sharepoint and Docusign (17 dec) https://it-retail.se/ny-vag-av-natfiske-gommer-sig-bakom-microsoft-sharepoint-och-docusign/
CERT-SE this week
Patch Tuesday December 2025 – consolidated information on the month's security updates (Updated 17 dec) https://www.cert.se/2025/12/patchtisdag-december-2025-samlad-information-om-manadens-sakerhetsuppdateringar.html
Critical zero-day vulnerability in Cisco AsyncOS (19 dec) https://www.cert.se/2025/12/kritisk-nolldagssarbarhet-i-cisco-asyncos.html