CERT-SE:s veckobrev v.25

Anmälan till Cybersäkerhetskonferensen har nu öppnat. Fokus för konferensen kommer vara NIS2-direktivet och annan lagstiftning inom cyberområdet. Se https://www.msb.se/sv/aktuellt/kalender/2024/oktober/cybersakerhetskonferensen-2024/

Sista dagen att söka tjänsten som projketledare vid CERT-SE närmar sig, ta en titt på https://msb.varbi.com/se/what:job/jobID:732300/type:job/where:4/apply:1

Trevlig midsommar önskar CERT-SE!

Nyheter i veckan

Exclusive: ICC probes cyberattacks in Ukraine as possible war crimes, sources say (14 jun) https://www.reuters.com/world/europe/icc-probes-cyberattacks-ukraine-possible-war-crimes-sources-2024-06-14/

Alleged Boss of ‘Scattered Spider’ Hacking Group Arrested (15 jun) https://krebsonsecurity.com/2024/06/alleged-boss-of-scattered-spider-hacking-group-arrested/

London Ransomware Attack Led to 1500 Cancelled Appointments and Operations (17 jun) https://www.infosecurity-magazine.com/news/london-ransomware1500-cancelled/

Hackers Detail How They Allegedly Stole Ticketmaster Data From Snowflake (17 jun) https://www.wired.com/story/epam-snowflake-ticketmaster-breach-shinyhunters/

Medibank’s lack of multi-factor authentication allowed hackers to infiltrate systems, regulator alleges (17 jun) https://therecord.media/all-scottish-households-nhs-hack-alert

All households in Scottish region to get alert about hackers publishing stolen medical data (17 jun) https://www.theguardian.com/australia-news/article/2024/jun/17/medibank-hack-data-breach-federal-court-case

Fake Google Chrome errors trick you into running malicious PowerShell scripts (17 jun) https://www.bleepingcomputer.com/news/security/fake-google-chrome-errors-trick-you-into-running-malicious-powershell-scripts/

Malicious activities linked to the Nobelium intrusion set (19 jun) https://cert.ssi.gouv.fr/cti/CERTFR-2024-CTI-006/

Rapporter och analyser

From Clipboard to Compromise: A PowerShell Self-Pwn (17 jun) https://www.proofpoint.com/us/blog/threat-insight/clipboard-compromise-powershell-self-pwn

KraftCERT/InfraCERT Threat Assessment 2024 (17 jun) https://www.kraftcert.no/filer/KraftCERT-ThreatAssessment2024.pdf

USB-minnen och QR-koder – low tech-metoder fortsatt stora hot (18 jun) https://computersweden.se/article/2139528/usb-minnen-och-qr-koder-low-tech-metoder-fortsatt-stora-hot.html

Cloaked and Covert: Uncovering UNC3886 Espionage Operations (18 jun) https://cloud.google.com/blog/topics/threat-intelligence/uncovering-unc3886-espionage-operations

LockBit resurgence sees ransomware attacks reach record high in May (20 jun) https://siliconangle.com/2024/06/20/lockbit-resurgence-sees-ransomware-attacks-reach-record-high-may/

Informationssäkerhet och blandat

Civilministern har tagit emot förslag om en digital identitetsplånbok (17 jun) https://regeringen.se/pressmeddelanden/2024/06/civilministern-har-tagit-emot-forslag-om-en-digital-identitetsplanbok/

Efter cyberattacken mot Tietoevry – drabbade vill ha skadestånd (17 jun) https://computersweden.se/article/2149327/efter-cyberattacken-mot-tietoevry-drabbade-vill-ha-skadestand.html

Nu matas AI-assistenten för offentlig sektor med data – ”fullt fungerande prototyp” (17 jun) https://computersweden.se/article/2147759/nu-matas-ai-assistenten-for-offentlig-sektor-med-data-fullt-fungerande-prototyp.html

Cybersäkerhetskonferensen 2024 (17 jun) https://www.msb.se/sv/aktuellt/kalender/2024/oktober/cybersakerhetskonferensen-2024/

Ett nytt Nationellt cybersäkerhetcenter - Del 2 (18 jun) https://www.regeringen.se/rattsliga-dokument/departementsserien-och-promemorior/2024/06/ett-nytt-nationellt-cybersakerhetcenter---del-2/

Modern Approaches to Network Access Security (18 jun) https://www.cisa.gov/resources-tools/resources/modern-approaches-network-access-security

CERT-SE i veckan

Kritiska sårbarheter påverkar VMware vCenter Server (18 jun) https://www.cert.se/2024/06/kritiska-sarbarheter-paverkar-vmware-vcenter-server.html