CERT-SE:s veckobrev v.48
Det har varit en händelserik vecka i cybervärlden. Här kommer ett urval av CERT-SE:s omvärldsbevakning samt en cyberutmaning till adventsmyset.
Trevlig helg!
Nyheter i veckan
ESET Research dives into the onboarding and scamming processes of Telekopye online fraudsters (23 nov) https://www.eset.com/int/about/newsroom/press-releases/research/eset-research-dives-into-the-onboarding-and-scamming-processes-of-telekopye-online-fraudsters/
Bekräftat: Ransomware-attack mot Svenska kyrkan (24 nov)
https://www.kyrkanstidning.se/nyhet/allvarlig-it-storning-pa-svenska-kyrkans-webbplats
..
Cyberangrepp mot Svenska kyrkan (23 nov)
https://via.tt.se/pressmeddelande/3393640/cyberangrepp-mot-svenska-kyrkan
Legal tech firm investigating cyberattack that could scupper sales (24 nov) https://www.estateagenttoday.co.uk/breaking-news/2023/11/legal-tech-firm-investigating-cyberattack-that-could-scupper-sales
UK police plan national roll-out of facial-recognition phone app (24 nov) https://www.computerweekly.com/news/366560813/UK-police-plan-national-roll-out-of-facial-recognition-phone-app
Hackers Hijack Industrial Control System at US Water Utility (27 nov)
https://www.securityweek.com/hackers-hijack-industrial-control-system-at-us-water-utility/
..
Water Utility Control System Cyber Incident Advisory: ICS/SCADA Incident at Municipal Water Authority of Aliquippa (27 nov)
https://www.waterisac.org/portal/tlpclear-water-utility-control-system-cyber-incident-advisory-icsscada-incident-municipal
..
Exploitation of Unitronics PLCs used in Water and Wastewater Systems (28 nov)
https://www.cisa.gov/news-events/alerts/2023/11/28/exploitation-unitronics-plcs-used-water-and-wastewater-systems
Ardent hospital ERs disrupted in 6 states after ransomware attack (27 nov)
https://www.bleepingcomputer.com/news/security/ardent-hospital-ers-disrupted-in-6-states-after-ransomware-attack/
..
Capital Health | Information Technology Security Incident
https://www.capitalhealth.org/information-technology-security-incident
Slovenia’s largest power provider HSE hit by ransomware attack (27 nov) https://www.bleepingcomputer.com/news/security/slovenias-largest-power-provider-hse-hit-by-ransomware-attack/
Cyberattack on Japan firm managing Line app was ‘supply chain attack’ targeting weakness (28 nov) https://mainichi.jp/english/articles/20231128/p2a/00m/0bu/023000c
Joint Cyberspace Command participates in execise Cyber Coalition 2023 (28 nov) https://emad.defensa.gob.es/en/prensa/noticias/2023/11/Listado/231128-ni-ciber-mcce-em.html
New BLUFFS attack lets attackers hijack Bluetooth connections (28 nov) https://www.bleepingcomputer.com/news/security/new-bluffs-attack-lets-attackers-hijack-bluetooth-connections/
Felsökning kring journalsystemet TakeCare fortsätter (29 nov) https://www.regionstockholm.se/verksamhet/halsa-och-vard/nyheter-halsa-och-vard/2023/11/felsokning-kring-journalsystemet-takecare-fortsatter/
Japan’s space agency hit by cyberattack (29 nov) https://therecord.media/japan-space-agency-cyberattack
Okta says hackers stole data for all customer support users in cyber breach (29 nov)
https://www.reuters.com/technology/cybersecurity/okta-says-hackers-stole-data-all-customer-support-users-cyber-breach-2023-11-29/
..
Okta | October Customer Support Security Incident - Update and Recommended Actions (29 nov)
https://sec.okta.com/harfiles
Behind the Attack: LUMMA Malware (29 nov) https://perception-point.io/blog/behind-the-attack-lumma-malware/
Zoom Vulnerability Allowed Hackers to Take Over Meetings, Steal Data (29 nov) https://www.hackread.com/zoom-vulnerability-hackers-hijack-meetings-data/
Cybersäkerhetscentrets veckoöversikt – 47/2023 (29 nov) https://www.kyberturvallisuuskeskus.fi/sv/aktuellt/cybersakerhetscentrets-veckooversikt-472023
Promon discovers new Android banking malware, “FjordPhantom” (30 nov) https://promon.co/security-news/fjordphantom-android-malware/
RedLine Stealer Malware Deployed Via ScrubCrypt Evasion Tool (30 nov) https://www.infosecurity-magazine.com/news/redline-stealer-malware-scrubcrypt/
CACTUS Ransomware Exploits Qlik Sense Vulnerabilities in Targeted Attacks (30 nov) https://thehackernews.com/2023/11/cactus-ransomware-exploits-qlik-sense.html
Informationssäkerhet och blandat
DHS CISA and UK NCSC Release Joint Guidelines for Secure AI System Development (26 nov)
https://www.cisa.gov/news-events/news/dhs-cisa-and-uk-ncsc-release-joint-guidelines-secure-ai-system-development
..
Roadmap for AI
https://www.cisa.gov/resources-tools/resources/roadmap-ai
..
Guidelines for secure AI system development (27 nov)
https://www.ncsc.gov.uk/collection/guidelines-secure-ai-system-development
..
4 key takeaways from new global AI security guidelines (27 nov)
https://www.scmagazine.com/news/4-key-takeaways-from-new-global-ai-security-guidelines
Women in Cybersecurity: Breaking Barriers & Shaping Futures (27 nov) https://techround.co.uk/startups/women-cybersecurity-breaking-barriers-shaping-future/
Digg och IMY publicerar vägledning om dataskydd och innovation (27 nov) https://www.imy.se/nyheter/digg-och-imy-publicerar-vagledning-om-dataskydd-och-innovation/
Digital car keys are here. Are we ready? (27 nov) https://www.theverge.com/23970875/digital-car-key-iphone-unlock-start-ccc-standard
‘Tis the season to be wary: 12 steps to ruin a cybercriminal’s day (27 nov) https://www.welivesecurity.com/en/scams/tis-season-wary-ruin-cybercriminals-day/
Försvarsmakten bygger ut cyberförsvar: ”Blivit högre intresse” (28 nov) https://sverigesradio.se/artikel/forsvaret-behover-fler-cyberkunniga
International collaboration leads to dismantlement of ransomware group in Ukraine amidst ongoing war (28 nov) https://www.europol.europa.eu/media-press/newsroom/news/international-collaboration-leads-to-dismantlement-of-ransomware-group-in-ukraine-amidst-ongoing-war
Stort säkerhetsfokus i Kil efter it-attack mot grannkommunen (29 nov) https://www.voister.se/artikel/2023/11/stort-sakerhetsfokus-i-kil-efter-it-attack-mot-grannkommunen
CISA Announces Secure by Design Alert Series: How Vendor Decisions Can Reduce Harm at a Global Scale (29 nov)
https://www.cisa.gov/news-events/news/cisa-announces-secure-design-alert-series-how-vendor-decisions-can-reduce-harm-global-scale
..
Secure by Design Alert: How Software Manufacturers Can Shield Web Management Interfaces From Malicious Cyber Activity (29 nov)
https://www.cisa.gov/resources-tools/resources/secure-design-alert-how-software-manufacturers-can-shield-web-management-interfaces-malicious-cyber
Black Basta ransomware victims have paid over $100 million (29 nov) https://www.elliptic.co/blog/black-basta-ransomware-victims-have-paid-over-100-million
Five Cybersecurity Predictions for 2024 (29 nov) https://www.securityweek.com/five-cybersecurity-predictions-for-2024/
How AI Is Shaping Malware Analysis (29 nov) https://blog.virustotal.com/2023/11/how-ai-is-shaping-malware-analysis.html
AI: The new puppet master behind cyberattacks (30 nov) https://www.scmagazine.com/perspective/ai-the-new-puppetmaster-behind-cyberattacks
2023 SANS Holiday Hack Challenge & KringleCon https://www.sans.org/mlp/holiday-hack-challenge-2023/
CERT-SE i veckan
Flera kritiska sårbarheter i Zyxels NAS-produkter (1 dec) https://www.cert.se/2023/12/flera-kritiska-sarbarheter-i-zyxels-nas-produkter.html