CERT-SE:s veckobrev v.23
Blandade nyheter från denna soliga nationaldagsvecka.
Trevlig helg önskar CERT-SE!
Nyheter i veckan
Hackers hijack legitimate sites to host credit card stealer scripts (4 jun)
https://www.bleepingcomputer.com/news/security/hackers-hijack-legitimate-sites-to-host-credit-card-stealer-scripts/
Bortglömda konton en enorm säkerhetsrisk (5 jun)
https://computersweden.idg.se/2.2683/1.779272/bortglomda-konton-en-enorm-sakerhetsrisk
Ransomware Group Used MOVEit Exploit to Steal Data From Dozens of Organizations (5 jun)
https://www.securityweek.com/ransomware-group-used-moveit-exploit-to-steal-data-from-dozens-of-organizations/
SpinOk Android malware found in more apps with 30 million installs (5 jun)
https://www.bleepingcomputer.com/news/security/spinok-android-malware-found-in-more-apps-with-30-million-installs/
It-attack mot Systembolaget och Swish (5 jun)
https://sverigesradio.se/artikel/it-attack-mot-systembolaget-och-swish
New ‘PowerDrop’ malware targeting US aerospace industry (6 jun)
https://therecord.media/powerdrop-malware-targets-us-aerospace-industry
MoveIt hack: What action can data-breach victims take? (7 jun)
https://www.bbc.com/news/technology-65820603
#StopRansomware: CL0P Ransomware Gang Exploits CVE-2023-34362 MOVEit Vulnerability (7 jun)
https://www.cisa.gov/news-events/cybersecurity-advisories/aa23-158a
BBC, BA and Boots issued with ultimatum by cyber gang Clop (8 jun)
https://www.bbc.com/news/technology-65829726
Aix-Marseille, France’s largest university, hit by cyberattack (8 jun)
https://therecord.media/aix-marseille-university-cyberattack-france
Pharmaceutical Giant Eisai Takes Systems Offline Following Ransomware Attack (8 jun)
https://www.securityweek.com/pharmaceutical-giant-eisai-takes-systems-offline-following-ransomware-attack/
Nokia report: IoT Botnet DDoS Attacks Threaten Global Telecom Networks (9 jun)
https://www.hackread.com/iot-botnet-ddos-attacks-telecom-networks-nokia/
Informationssäkerhet och blandat
10 notable critical infrastructure cybersecurity initiatives in 2023 (5 jun)
https://www.csoonline.com/article/3698190/10-notable-critical-infrastructure-cybersecurity-initiatives-in-2023.html
Introducing PCVARK and their malicious ad blockers (5 jun)
https://palant.info/2023/06/05/introducing-pcvark-and-their-malicious-ad-blockers/
2023 Data Breach Investigations Report (DBIR)
https://www.verizon.com/business/resources/T12f/reports/2023-data-breach-investigations-report-dbir.pdf
Service Rents Email Addresses for Account Signups (6 jun)
https://krebsonsecurity.com/2023/06/service-rents-email-addresses-for-account-signups/
Guide to Securing Remote Access Software (6 jun)
https://www.cisa.gov/resources-tools/resources/guide-securing-remote-access-software
Adversaries increasingly using vendor and contractor accounts to infiltrate networks (6 jun)
https://blog.talosintelligence.com/vendor-contractor-account-abuse/
ChatGPT Hallucinations Open Developers to Supply Chain Malware Attacks (6 jun)
https://www.darkreading.com/application-security/chatgpt-hallucinations-developers-supply-chain-malware-attacks
Microsoft Preps $425M Payment for LinkedIn GDPR Violations (6 jun)
https://www.darkreading.com/endpoint/microsoft-425m-payment-linkedin-gdpr-violations
Experten: Prata inte hemligheter i Kina-bilar (7 jun)
https://teknikensvarld.expressen.se/nyheter/bil-och-trafik/experten-prata-inte-hemligheter-i-kina-bilar/
6 av 10 incidenter orsakas av mänskliga faktorn (7 jun)
https://www.imy.se/nyheter/6-av-10-incidenter-orsakas-av-manskliga-faktorn/
…
Över 5 300 incidenter anmäldes till IMY förra året – men mörkertalet är stort (7 jun)
https://computersweden.idg.se/2.2683/1.779363/over-5-300-incidenter-anmaldes-till-imy-forra-aret-men-morkertalet-ar-stort
10 security tool categories needed to shore up software supply chain security (7 jun)
https://www.csoonline.com/article/3697792/10-security-tool-categories-needed-to-shore-up-software-supply-chain-security.html