CERT-SE's weekly newsletter, week 43

Weekly newsletter

Assorted news from the week. CERT-SE wishes you a pleasant weekend!

News this week

Ragnar Locker ransomware gang taken down by international police swoop
https://www.europol.europa.eu/media-press/newsroom/news/ragnar-locker-ransomware-gang-taken-down-international-police-swoop

International Criminal Court: The cyberattack had espionage as its goal (23 Oct)
https://computersweden.idg.se/2.2683/1.780247/internationella-brottsmalsdomstolen-cyberattacken-hade-spionage-som-mal

City of Philadelphia discloses data breach after five months (23 Oct)
https://www.bleepingcomputer.com/news/security/city-of-philadelphia-discloses-data-breach-after-five-months/

New attack on Okta: hackers obtained customer information (23 Oct)
https://computersweden.idg.se/2.2683/1.780249/okta-hackare

QNAP takes down server behind widespread brute-force attacks (23 Oct)
https://www.bleepingcomputer.com/news/security/qnap-takes-down-server-behind-widespread-brute-force-attacks/

Spain arrests 34 cybercriminals who stole data of 4 million people (23 Oct)
https://www.bleepingcomputer.com/news/security/spain-arrests-34-cybercriminals-who-stole-data-of-4-million-people/

1Password discloses security incident linked to Okta breach (23 Oct)
https://www.bleepingcomputer.com/news/security/1password-discloses-security-incident-linked-to-okta-breach/

US energy firm shares how Akira ransomware hacked its systems (23 Oct)
https://www.bleepingcomputer.com/news/security/us-energy-firm-shares-how-akira-ransomware-hacked-its-systems/

Generative AI phishing fears realized as model develops “highly convincing” emails in 5 minutes (24 Oct)
https://www.csoonline.com/article/656698/generative-ai-phishing-fears-realized-as-model-develops-highly-convincing-emails-in-5-minutes.html

Espionage group uses webmail server zero-day to target European governments (25 Oct)
https://therecord.media/winter-vivern-hackers-roundcube-webmail-zero-day

Alert: PoC Exploits Released for Citrix and VMware Vulnerabilities (25 Oct)
https://thehackernews.com/2023/10/alert-poc-exploits-released-for-citrix.html

Measures taken following the unprecedented cyber-attack on the ICC (27 Oct)
https://www.icc-cpi.int/news/measures-taken-following-unprecedented-cyber-attack-icc

Microsoft warns of criminal group using ‘advanced’ phishing tricks (27 Oct)
https://www.siliconrepublic.com/enterprise/microsoft-octo-tempest-cyberattacks-phishing

Information security and miscellaneous

Data breaches spread from one organisation to another: put a stop to phishing (20 Oct)
https://www.kyberturvallisuuskeskus.fi/sv/dataintrang-sprids-fran-en-organisation-till-en-annan-satt-stopp-natfiske

An Analysis of Signal’s PQXDH (20 Oct)
https://cryspen.com/post/pqxdh/

Norway hit by advanced targeted cyberattacks (20 Oct)
https://nsm.no/aktuelt/norge-rammes-av-avanserte-malrettede-cyberangrep
National Digital Risk Picture 2023 (Nasjonalt digitalt risikobilde 2023)
https://nsm.no/getfile.php/1313382-1697777843/NSM/Filer/Dokumenter/Rapporter/Nasjonalt%20digitalt%20risikobilde%202023.pdf

How hackers can use stolen DNA data (24 Oct)
https://technology.inquirer.net/129159/how-hackers-can-use-stolen-dna-data

September was a new record month for ransomware (25 Oct)
https://computersweden.idg.se/2.2683/1.780261/september-blev-rekordmanad-for-ransomware-attacker

ChatGPT wrote code that can make databases leak sensitive information (25 Oct)
https://www.newscientist.com/article/2399370-chatgpt-wrote-code-that-can-make-databases-leak-sensitive-information/

Hackers can force iOS and macOS browsers to divulge passwords and much more (25 Oct)
https://arstechnica.com/security/2023/10/hackers-can-force-ios-and-macos-browsers-to-divulge-passwords-and-a-whole-lot-more/

DDoS threat report for 2023 Q3 (26 Oct)
https://blog.cloudflare.com/ddos-threat-report-2023-q3

Your email account was hacked. What now? (27 Oct)
https://www.pcworld.com/article/2116162/how-to-recover-from-hacked-email-account.html

CERT-SE this week

Critical vulnerability in F5 Networks BIG-IP

Multiple vulnerabilities in VMware vCenter Server, VMware Cloud Foundation and Aria Operations for Logs

Critical vulnerabilities in SolarWinds ARM