CERT-SE:s veckobrev v.13
Blandade nyheter från veckan.
Trevlig påskhelg önskar CERT-SE!
Nyheter i veckan
Driftstörningar hos Telenor orsakade problem att ringa SOS (22 mar) https://sverigesradio.se/artikel/driftstorningar-hos-telenor-orsakade-problem-att-ringa-sos
German Police Seize ‘Nemesis Market’ in Major International Darknet Raid (24 mar) https://thehackernews.com/2024/03/german-police-seize-nemesis-market-in.html
Key Lesson from Microsoft’s Password Spray Hack: Secure Every Account (25 mar) https://thehackernews.com/2024/03/key-lesson-from-microsofts-password.html
Tech trade union confirms cyberattack behind IT, email outage (25 mar) https://www.theregister.com/2024/03/25/cwu_security_incident/?td=rt-3a
CISA urges software devs to weed out SQL injection vulnerabilities (25 mar) https://www.bleepingcomputer.com/news/security/cisa-urges-software-devs-to-weed-out-sql-injection-vulnerabilities/ .. https://www.cisa.gov/resources-tools/resources/secure-design-alert-eliminating-sql-injection-vulnerabilities-software
Over 170K users caught up in poisoned Python package ruse (25 mar) https://www.theregister.com/2024/03/25/python_package_malware/
HKScan targeted in cybersecurity attack (25 mar) https://www.wattagnet.com/regions/europe/article/15667131/hkscan-targeted-in-cybersecurity-attack .. https://www.hkscan.com/en/newsroom/news/2024/03/information-security-release-c4780757/
New MFA-bypassing phishing kit targets Microsoft 365, Gmail accounts (25 mar) https://www.bleepingcomputer.com/news/security/new-mfa-bypassing-phishing-kit-targets-microsoft-365-gmail-accounts/
New MFA-bypassing phishing kit targets Microsoft 365, Gmail accounts (25 mar) https://www.bleepingcomputer.com/news/security/new-mfa-bypassing-phishing-kit-targets-microsoft-365-gmail-accounts/
US sanctions APT31 hackers behind critical infrastructure attacks (25 mar) https://www.bleepingcomputer.com/news/security/us-sanctions-apt31-hackers-behind-critical-infrastructure-attacks/
EU Commission launches probes into Alphabet, Apple, Meta for anticompetitive behavior (25 mar) https://www.euractiv.com/section/platforms/news/eu-commission-launches-investigations-into-alphabet-apple-meta-for-anticompetitive-behavior/
Senator demands answers from HHS about $7.5 million cyber theft in 2023 (25 mar) https://therecord.media/hhs-reported-grant-payment-scam-sen-bill-cassidy-letter
China cyber-attacks explained: who is behind the hacking operation against the US and UK? (26 mar) https://www.theguardian.com/technology/2024/mar/26/china-cyber-attack-uk-us-explained-hack-apt-31
ZenHammer Attack Targets DRAM on Systems With AMD CPUs (26 mar) https://www.securityweek.com/zenhammer-attack-targets-dram-on-systems-with-amd-cpus/
Germany warns of 17K vulnerable Microsoft Exchange servers exposed online (26 mar) https://www.bleepingcomputer.com/news/security/germany-warns-of-17k-vulnerable-microsoft-exchange-servers-exposed-online/
China cyber-attacks explained: who is behind the hacking operation against the US and UK? (26 mar) https://www.theguardian.com/technology/2024/mar/26/china-cyber-attack-uk-us-explained-hack-apt-31
Tolv års handlingar oläsliga efter ransomware-attacken mot Kalmar (26 mar) https://computersweden.se/article/2074799/tolv-ars-handlingar-olasliga-efter-ransomwareattacken-mot-kalmar.html
Investigation into hacking of Parliament’s information systems has been ongoing (26 mar) https://poliisi.fi/en/-/investigation-into-hacking-of-parliament-s-information-systems-has-been-ongoing
Recent ‘MFA Bombing’ Attacks Targeting Apple Users (26 mar) https://krebsonsecurity.com/2024/03/recent-mfa-bombing-attacks-targeting-apple-users/
Researchers Discover 40,000-Strong EOL Router, IoT Botnet (26 mar) https://www.securityweek.com/researchers-discover-40000-strong-eol-router-iot-botnet/
Zero-days exploited in the wild jumped 50% in 2023, fueled by spyware vendors (27 mar) https://therecord.media/zero-day-exploits-jumped-in-2023-spyware
92% of IT Leaders Say Cyberthreats Are on the Rise, 51% See AI Attacks for the First Time (27 mar) https://www.thefastmode.com/market-trends/35466-92-of-it-leaders-say-cyberthreats-are-on-the-rise-51-see-ai-attacks-for-the-first-time
Foresight Cybersecurity Threats For 2030 - Update 2024: Executive Summary (27 mar) https://www.enisa.europa.eu/publications/foresight-cybersecurity-threats-for-2030-update-2024-executive-summary
New Cyber Threats to Challenge Financial Services Sector in 2024 (27 mar) https://www.darkreading.com/cyberattacks-data-breaches/new-cyber-threats-to-challenge-financial-services-sector-in-2024 .. https://www.fsisac.com/navigatingcyber2024?utm_campaign=2024-GIOReport
Informationssäkerhet och blandat
NIST Launches Cybersecurity Framework (CSF) 2.0 (20 mar) https://www.trendmicro.com/en_us/research/24/c/nist-cybersecurity-framework-2024.html
Hardware-level Apple Silicon vulnerability can leak cryptographic keys (22 mar) https://www.theregister.com/AMP/2024/03/22/hardwarelevel_apple_silicon_vulnerability_can/
The UK Digital Information Bill: Brexit dividend or data disaster? (25 mar) https://www.theregister.com/2024/03/25/uk_digital_information_bill_feature/?td=keepreading
The state of ransomware: Faster, smarter, and meaner (25 mar) https://www.csoonline.com/article/2069830/the-state-of-ransomware.html/amp/
Data Security Trends: 2024 Report Analysis (25 mar) https://securityboulevard.com/2024/03/data-security-trends-2024-report-analysis/ .. 2024 Thales Data Threat Report Reveals Rise in Ransomware Attacks, as Compliance Failings Leave Businesses Vulnerable to Breaches https://www.thalesgroup.com/en/worldwide/security/press_release/2024-thales-data-threat-report-reveals-rise-ransomware-attacks
”It-skandalen förstörde människors liv” (25 mar) https://computersweden.se/article/2073623/it-skandalen-forstorde-manniskors-liv.html
Officials plan for new age of cyber threats to satellites (25 mar) https://www.politico.com/news/2024/03/25/satellite-cyber-threat-00148672
Finnish police linked APT31 to the 2021 parliament attack (27 mar) https://securityaffairs.com/161102/apt/finnish-police-linked-apt31-to-the-2021-parliament-attack.html
CERT-SE i veckan
Kritiska sårbarheter i FortiOS, FortiProxy och FortiClientEMS (13 mars) (Uppdaterad) https://www.cert.se/2024/03/kritiska-sarbarheter-i-fortios-och-fortiproxy.html