CERT-SE:s veckobrev v.22

Veckobrev

Under veckan har en sårbarhet i VPN-produkter från Check Points uppmärksammats. Sårbarheten utnyttjas aktivt och att genomföra en exploatering är relativt enkelt. CERT-SE vill därför trycka på vikten att snarast möjligt uppdatera och vidta andra åtgärder. Se vidare: http://www.cert.se/2024/05/nolldagssarbarhet-i-vpn-produkter-fran-check-point.html

Nyheter i veckan

CVE-2024-4978: Backdoored Justice AV Solutions Viewer Software Used in Apparent Supply Chain Attack (23 maj) https://www.rapid7.com/blog/post/2024/05/23/cve-2024-4978-backdoored-justice-av-solutions-viewer-software-used-in-apparent-supply-chain-attack/

Lantmäteriet begränsar tillgången till viss information i ett antal digitala tjänster på grund av säkerhetsskäl (24 maj) https://www.lantmateriet.se/sv/om-lantmateriet/press/nyheter/lantmateriet-begransar-tillgangen-till-viss-information-i-ett-antal-digitala-tjanster-pa-grund-av-sakerhetsskal

Potent youth cybercrime ring made up of 1,000 people, FBI official says (24 maj) https://cyberscoop.com/potent-youth-cybercrime-ring-made-up-of-1000-people-fbi-official-says

Hackers phish finance orgs using trojanized Minesweeper clone (26 maj) https://www.bleepingcomputer.com/news/security/hackers-phish-finance-orgs-using-trojanized-minesweeper-clone/

Popular recording software used in courtrooms infected by password-stealing backdoor (27 maj) https://www.techspot.com/news/103151-popular-recording-software-used-courtrooms-infected-password-stealing.html

Police arrest man after computer viruses created by misusing AI (28 maj) https://www.asahi.com/ajw/articles/15283413

Researchers Warn of CatDDoS Botnet and DNSBomb DDoS Attack Technique (28 maj) https://thehackernews.com/2024/05/researchers-warn-of-catddos-botnet-and.html

Treasury Sanctions Creators of 911 S5 Proxy Botnet (28 maj) https://krebsonsecurity.com/2024/05/treasury-sanctions-creators-of-911-s5-proxy-botnet/

Data breach exposes details of 25,000 current and former BBC employees (29 maj) https://www.theguardian.com/media/article/2024/may/29/data-breach-exposes-details-of-25000-current-and-former-bbc-employees

Hackare uppger: Har stulit data från Ticketmaster (29 maj) https://www.svt.se/nyheter/utrikes/hackare-uppger-har-stulit-data-fran-ticketmaster ..

It-experten: Dataintrång på biljettjätten kan stämma (29 maj) https://sverigesradio.se/artikel/it-experten-dataintrang-pa-biljettjatten-kan-stamma

Cybercriminals Abuse Stack Overflow to Promote Malicious Python Package (30 maj) https://thehackernews.com/2024/05/cybercriminals-abuse-stackoverflow-to.html

Operation Endgame (30 maj) https://www.troyhunt.com/operation-endgame/ ..

Largest ever operation against botnets hits dropper malware ecosystem (30 maj) https://www.europol.europa.eu/media-press/newsroom/news/largest-ever-operation-against-botnets-hits-dropper-malware-ecosystem

Rapporter och analyser

Rapport: Var fjärde företag har aldrig testat sin säkerhetsplan (27 maj) https://www.voister.se/artikel/2024/05/rapport-var-fjarde-foretag-har-aldrig-testat-sin-sakerhetsplan ..

The CIO report: Leading your business through cyber risk https://assets.barracuda.com/assets/docs/dms/barracuda-cyber-resilience-report.pdf

Svenska it-säkerhetschefer ser generativ AI som en stor risk (27 maj) https://computersweden.se/article/2115778/svenska-it-sakerhetschefer-ser-generativ-ai-som-en-stor-risk.html ..

2024 Voice of the CISO https://www.proofpoint.com/us/resources/white-papers/voice-of-the-ciso-report

Din bil riskerar att bli hackad – om den inte redan är det (27 maj) https://www.his.se/nyheter/2024/maj/din-bil-riskerar-att-bli-hackad--om-den-inte-redan-ar-det

Europe’s cybersecurity chief says disruptive attacks have doubled in 2024, sees Russia behind many (29 maj) https://apnews.com/article/europe-election-cybersecurity-russia-ukraine-5b0cca725d17a028dd458df77a60440c

Informationssäkerhet och blandat

Scientists Have Discovered A New Way To Count (And It’s Actually Really Important) (22 maj) https://www.iflscience.com/scientists-have-discovered-a-new-way-to-count-and-its-actually-really-important-74327

Så hanterade Vellinge vinterns cyberattack (27 maj) https://www.voister.se/artikel/2024/05/sa-hanterade-vellinge-vinterns-cyberattack

EU Is Tightening Cybersecurity for Energy Providers (29 maj) https://www.tripwire.com/state-of-security/eu-tightening-cybersecurity-energy-providers

CERT-SE i veckan

Nolldagssårbarhet i VPN-produkter från Check Point (29 maj) https://www.cert.se/2024/05/nolldagssarbarhet-i-vpn-produkter-fran-check-point.html