CERT-SE:s veckobrev v.48

Veckobrev

Det har varit en händelserik vecka i cybervärlden. Här kommer ett urval av CERT-SE:s omvärldsbevakning samt en cyberutmaning till adventsmyset.

Trevlig helg!

Nyheter i veckan

ESET Research dives into the onboarding and scamming processes of Telekopye online fraudsters (23 nov) https://www.eset.com/int/about/newsroom/press-releases/research/eset-research-dives-into-the-onboarding-and-scamming-processes-of-telekopye-online-fraudsters/

Bekräftat: Ransomware-attack mot Svenska kyrkan (24 nov) https://www.kyrkanstidning.se/nyhet/allvarlig-it-storning-pa-svenska-kyrkans-webbplats ..
Cyberangrepp mot Svenska kyrkan (23 nov) https://via.tt.se/pressmeddelande/3393640/cyberangrepp-mot-svenska-kyrkan

Legal tech firm investigating cyberattack that could scupper sales (24 nov) https://www.estateagenttoday.co.uk/breaking-news/2023/11/legal-tech-firm-investigating-cyberattack-that-could-scupper-sales

UK police plan national roll-out of facial-recognition phone app (24 nov) https://www.computerweekly.com/news/366560813/UK-police-plan-national-roll-out-of-facial-recognition-phone-app

Hackers Hijack Industrial Control System at US Water Utility (27 nov) https://www.securityweek.com/hackers-hijack-industrial-control-system-at-us-water-utility/ ..
Water Utility Control System Cyber Incident Advisory: ICS/SCADA Incident at Municipal Water Authority of Aliquippa (27 nov) https://www.waterisac.org/portal/tlpclear-water-utility-control-system-cyber-incident-advisory-icsscada-incident-municipal ..
Exploitation of Unitronics PLCs used in Water and Wastewater Systems (28 nov) https://www.cisa.gov/news-events/alerts/2023/11/28/exploitation-unitronics-plcs-used-water-and-wastewater-systems

Ardent hospital ERs disrupted in 6 states after ransomware attack (27 nov) https://www.bleepingcomputer.com/news/security/ardent-hospital-ers-disrupted-in-6-states-after-ransomware-attack/ ..
Capital Health | Information Technology Security Incident https://www.capitalhealth.org/information-technology-security-incident

Slovenia’s largest power provider HSE hit by ransomware attack (27 nov) https://www.bleepingcomputer.com/news/security/slovenias-largest-power-provider-hse-hit-by-ransomware-attack/

Cyberattack on Japan firm managing Line app was ‘supply chain attack’ targeting weakness (28 nov) https://mainichi.jp/english/articles/20231128/p2a/00m/0bu/023000c

Joint Cyberspace Command participates in execise Cyber Coalition 2023 (28 nov) https://emad.defensa.gob.es/en/prensa/noticias/2023/11/Listado/231128-ni-ciber-mcce-em.html

New BLUFFS attack lets attackers hijack Bluetooth connections (28 nov) https://www.bleepingcomputer.com/news/security/new-bluffs-attack-lets-attackers-hijack-bluetooth-connections/

Felsökning kring journalsystemet TakeCare fortsätter (29 nov) https://www.regionstockholm.se/verksamhet/halsa-och-vard/nyheter-halsa-och-vard/2023/11/felsokning-kring-journalsystemet-takecare-fortsatter/

Japan’s space agency hit by cyberattack (29 nov) https://therecord.media/japan-space-agency-cyberattack

Okta says hackers stole data for all customer support users in cyber breach (29 nov) https://www.reuters.com/technology/cybersecurity/okta-says-hackers-stole-data-all-customer-support-users-cyber-breach-2023-11-29/ ..
Okta | October Customer Support Security Incident - Update and Recommended Actions (29 nov) https://sec.okta.com/harfiles

Behind the Attack: LUMMA Malware (29 nov) https://perception-point.io/blog/behind-the-attack-lumma-malware/

Zoom Vulnerability Allowed Hackers to Take Over Meetings, Steal Data (29 nov) https://www.hackread.com/zoom-vulnerability-hackers-hijack-meetings-data/

Cybersäkerhetscentrets veckoöversikt – 47/2023 (29 nov) https://www.kyberturvallisuuskeskus.fi/sv/aktuellt/cybersakerhetscentrets-veckooversikt-472023

Promon discovers new Android banking malware, “FjordPhantom” (30 nov) https://promon.co/security-news/fjordphantom-android-malware/

RedLine Stealer Malware Deployed Via ScrubCrypt Evasion Tool (30 nov) https://www.infosecurity-magazine.com/news/redline-stealer-malware-scrubcrypt/

CACTUS Ransomware Exploits Qlik Sense Vulnerabilities in Targeted Attacks (30 nov) https://thehackernews.com/2023/11/cactus-ransomware-exploits-qlik-sense.html

Informationssäkerhet och blandat

DHS CISA and UK NCSC Release Joint Guidelines for Secure AI System Development (26 nov) https://www.cisa.gov/news-events/news/dhs-cisa-and-uk-ncsc-release-joint-guidelines-secure-ai-system-development ..
Roadmap for AI https://www.cisa.gov/resources-tools/resources/roadmap-ai ..
Guidelines for secure AI system development (27 nov) https://www.ncsc.gov.uk/collection/guidelines-secure-ai-system-development ..
4 key takeaways from new global AI security guidelines (27 nov) https://www.scmagazine.com/news/4-key-takeaways-from-new-global-ai-security-guidelines

Women in Cybersecurity: Breaking Barriers & Shaping Futures (27 nov) https://techround.co.uk/startups/women-cybersecurity-breaking-barriers-shaping-future/

Digg och IMY publicerar vägledning om dataskydd och innovation (27 nov) https://www.imy.se/nyheter/digg-och-imy-publicerar-vagledning-om-dataskydd-och-innovation/

Digital car keys are here. Are we ready? (27 nov) https://www.theverge.com/23970875/digital-car-key-iphone-unlock-start-ccc-standard

‘Tis the season to be wary: 12 steps to ruin a cybercriminal’s day (27 nov) https://www.welivesecurity.com/en/scams/tis-season-wary-ruin-cybercriminals-day/

Försvarsmakten bygger ut cyberförsvar: ”Blivit högre intresse” (28 nov) https://sverigesradio.se/artikel/forsvaret-behover-fler-cyberkunniga

International collaboration leads to dismantlement of ransomware group in Ukraine amidst ongoing war (28 nov) https://www.europol.europa.eu/media-press/newsroom/news/international-collaboration-leads-to-dismantlement-of-ransomware-group-in-ukraine-amidst-ongoing-war

Stort säkerhetsfokus i Kil efter it-attack mot grannkommunen (29 nov) https://www.voister.se/artikel/2023/11/stort-sakerhetsfokus-i-kil-efter-it-attack-mot-grannkommunen

CISA Announces Secure by Design Alert Series: How Vendor Decisions Can Reduce Harm at a Global Scale (29 nov) https://www.cisa.gov/news-events/news/cisa-announces-secure-design-alert-series-how-vendor-decisions-can-reduce-harm-global-scale ..
Secure by Design Alert: How Software Manufacturers Can Shield Web Management Interfaces From Malicious Cyber Activity (29 nov) https://www.cisa.gov/resources-tools/resources/secure-design-alert-how-software-manufacturers-can-shield-web-management-interfaces-malicious-cyber

Black Basta ransomware victims have paid over $100 million (29 nov) https://www.elliptic.co/blog/black-basta-ransomware-victims-have-paid-over-100-million

Five Cybersecurity Predictions for 2024 (29 nov) https://www.securityweek.com/five-cybersecurity-predictions-for-2024/

How AI Is Shaping Malware Analysis (29 nov) https://blog.virustotal.com/2023/11/how-ai-is-shaping-malware-analysis.html

AI: The new puppet master behind cyberattacks (30 nov) https://www.scmagazine.com/perspective/ai-the-new-puppetmaster-behind-cyberattacks

2023 SANS Holiday Hack Challenge & KringleCon https://www.sans.org/mlp/holiday-hack-challenge-2023/

CERT-SE i veckan

Flera kritiska sårbarheter i Zyxels NAS-produkter (1 dec) https://www.cert.se/2023/12/flera-kritiska-sarbarheter-i-zyxels-nas-produkter.html