CERT-SE:s veckobrev v.34
Här kommer veckobrevet med massor av nyheter och flera om ransomware.
Trevlig helg!
Nyheter i veckan
CISA Releases Malware Analysis Reports on Barracuda Backdoors (18 aug)
https://www.cisa.gov/news-events/alerts/2023/07/28/cisa-releases-malware-analysis-reports-barracuda-backdoors
Japanese watchmaker Seiko breached by BlackCat ransomware gang (21 aug)
https://www.bleepingcomputer.com/news/security/japanese-watchmaker-seiko-breached-by-blackcat-ransomware-gang/
TP-Link smart bulbs can let hackers steal your WiFi password (21 aug)
https://www.bleepingcomputer.com/news/security/tp-link-smart-bulbs-can-let-hackers-steal-your-wifi-password/
French town of Sartrouville recovering from cyberattack claimed by ransomware gang (21 aug)
https://therecord.media/french-town-hit-by-cyberattack
British intelligence is tipping off ransomware targets to disrupt attacks (21 aug)
https://therecord.media/gchq-ncsc-tipping-off-ransomware-targets-early-warning
Tesla says data breach impacting 75,000 employees was an insider job (21 aug)
https://techcrunch.com/2023/08/21/tesla-breach-employee-insider/
Australian software provider Energy One hit by cyberattack (21 aug)
https://therecord.media/australian-energy-one-hit-with-cyberattack
Researchers Uncover Real Identity of CypherRAT and CraxsRAT Malware Developer (21 aug)
https://www.securityweek.com/researchers-uncover-real-identity-of-cypherrat-and-craxsrat-malware-developer/
Akira ransomware targets Cisco VPNs to breach organizations (22 aug)
https://www.bleepingcomputer.com/news/security/akira-ransomware-targets-cisco-vpns-to-breach-organizations/
Carderbee hacking group hits Hong Kong orgs in supply chain attack (22 aug)
https://www.bleepingcomputer.com/news/security/carderbee-hacking-group-hits-hong-kong-orgs-in-supply-chain-attack/
Cyberattack on Belgian social service centers forces them to close (22 aug)
https://therecord.media/charleroi-belgium-cpas-cyberattack
MacOS version of info-stealing XLoader gets an upgrade (22 aug)
https://therecord.media/apple-macos-malware-xloader-infostealer
Open redirect flaws increasingly exploited by phishers (23 aug)
https://www.helpnetsecurity.com/2023/08/23/open-redirect-phishing/
Cybercriminals turn to AI to bypass modern email security measures (23 aug)
https://www.helpnetsecurity.com/2023/08/23/ai-enabled-email-threats/
Discord starts notifying users affected by March data breach (23 aug)
https://www.bleepingcomputer.com/news/security/discord-starts-notifying-users-affected-by-march-data-breach/
Profile Stealers Spread via LLM-themed Facebook Ads (23 aug)
https://www.trendmicro.com/en_us/research/23/h/profile-stealers-spread-via-llm-themed-facebook-ads.html
Protecting Canada’s energy infrastructure and supply chain from cyber attacks (23 aug)
https://uwaterloo.ca/news/protecting-canadas-energy-infrastructure-and-supply-chain
US issues threat warning after hackers break into a satellite (23 aug)
https://www.defenseone.com/threats/2023/08/national-intelligence-office-issues-cyber-warning-government-and-commercial-satellites/389671/
WinRAR zero-day exploited since April to hack trading accounts (23 aug)
https://www.bleepingcomputer.com/news/security/winrar-zero-day-exploited-since-april-to-hack-trading-accounts/
Danish cloud host says customers ‘lost all data’ after ransomware attack (23 aug)
https://techcrunch.com/2023/08/23/cloudnordic-azero-cloud-host-ransomware/
..
Mange danske virksomheder er ramt af hackerangreb: ”Der er ingen virksomhed tilbage” (23 aug)
https://www.radio4.dk/nyheder/mange-danske-virksomheder-er-ramt-af-hackerangreb-der-er-ingen-virksomhed-tilbage/
..
CloudNordic Faces Severe Data Loss After Ransomware Attack (24 aug)
https://www.hackread.com/cloudnordic-data-loss-ransomware-attack/
New “Whiffy Recon” Malware Triangulates Infected Device Location via Wi-Fi Every Minute (24 aug)
https://thehackernews.com/2023/08/new-whiffy-recon-malware-triangulates.html
Informationssäkerhet och blandat
Cybercrime: 14 arrests, thousands of illicit cyber networks disrupted in Africa operation (18 aug)
https://www.interpol.int/News-and-Events/News/2023/Cybercrime-14-arrests-thousands-of-illicit-cyber-networks-disrupted-in-Africa-operation
Quantum-Readiness: Migration to Post-Quantum Cryptography (21 aug)
https://www.cisa.gov/resources-tools/resources/quantum-readiness-migration-post-quantum-cryptography
Cyber-Awareness Education Is a Change-Management Initiative (23 aug)
https://www.fortinet.com/blog/ciso-collective/cyber-awareness-is-a-change-management-initiative
5 Early Warning Indicators That Are Key to Protecting National Secrets (23 aug)
https://www.darkreading.com/vulnerabilities-threats/5-early-warning-indicators-that-are-key-to-protecting-national-secrets
Här är KTH:s nya superdator – snabbast i Sverige (23 aug)
https://sverigesradio.se/artikel/har-ar-kths-nya-superdator-snabbast-i-sverige
Särskilt sändebud för internationella cyberfrågor (24 aug)
https://www.regeringen.se/pressmeddelanden/2023/08/ny-sidasarskilt-sandebud-for-internationella-cyberfragor/
Tolv kommuner bildar AI-råd – vill driva på utvecklingen (24 aug)
https://computersweden.idg.se/2.2683/1.779823/tolv-kommuner-bildar-ai-rad–vill-driva-pa-utvecklingen
Europe’s tough new rules for Big Tech start today. Is anyone ready? (25 aug)
https://www.theregister.com/2023/08/25/google_eu_dsa/
ENISA Call for Expression of Interest – Participate in the survey on Cryptographic Products and Services Cybersecurity Market Analysis
https://www.enisa.europa.eu/topics/market/enisa-survey-on-cryptographic-products-and-services/
Rapporter
NCC Group Cyber Threat Intelligence Reports: July 2023 Report
https://www.nccgroup.com/us/resource-hub/cyber-threat-intelligence-reports/
Så kan militära AI-system angripas och vilseledas (22 aug)
https://www.foi.se/nyheter-och-press/nyheter/2023-08-22-sa-kan-militara-ai-system-angripas-och-vilseledas.html
Surge in Cybercrime: Check Point 2023 Mid-Year Security Report Reveals 48 Ransomware Groups Have Breached Over 2,200 Victims (23 aug)
https://blog.checkpoint.com/security/check-point-software-2023-mid-year-security-report-old-meets-new-as-usb-devices-and-artificial-intelligence-are-exploited-by-cybercriminals/
Time keeps on slippin’ slippin’ slippin’: The 2023 Active Adversary Report for Tech Leaders (23 aug)
https://news.sophos.com/en-us/2023/08/23/active-adversary-for-tech-leaders/
Netskope Threat Labs Report: TELECOM
https://www.netskope.com/netskope-threat-labs/threat-labs-report-telecom-august-2023