CERT-SE:s veckobrev v.49
I veckan har ENISA släppt 2024 Report on the state of Cybersecurity in the Union. Rekommenderad läsning!
Trevlig andra advent önskar CERT-SE.
Nyheter i veckan
Ransom gang claims attack on NHS Alder Hey Children’s Hospital (29 nov) https://www.theregister.com/2024/11/29/inc_ransom_alder_hey_childrens_hospital
Novel phishing campaign uses corrupted Word documents to evade security (1 dec) https://www.bleepingcomputer.com/news/security/novel-phising-campaign-uses-corrupted-word-documents-to-evade-security/
INTERPOL Arrests 5,500 in Global Cybercrime Crackdown, Seizes Over $400 Million (2 dec) https://thehackernews.com/2024/12/interpol-arrests-5500-in-global.html
Former Polish spy chief arrested to testify before parliament in spyware probe (2 dec) https://therecord.media/poland-former-spy-chief-testifies-pegasus-spyware
Microsoft 365 credentials stolen via adversary-in-the-middle campaign (2 dec) https://www.scworld.com/news/microsoft-365-credentials-stolen-via-adversary-in-the-middle-campaign
Energy industry contractor says ransomware attack has limited access to IT systems (3 dec) https://therecord.media/energy-industry-contractor-ransomware-disruption
Data on 760K workers from Xerox, Nokia, BofA, Morgan Stanley and more dumped online (3 dec) https://www.theregister.com/2024/12/03/760k_xerox_nokia_bofa_morgan/
Corrupted Microsoft Word files used to launch phishing attacks (3 dec) https://www.techradar.com/pro/security/corrupted-microsoft-word-files-used-to-launch-phishing-attacks
No company too small for Phobos ransomware gang, indictment reveals (4 dec) https://www.malwarebytes.com/blog/news/2024/12/no-company-too-small-for-phobos-ransomware-gang-indictment-reveals
Rapporter och analyser
Top 10 Cyber-Attacks of 2024 (2 dec) https://www.infosecurity-magazine.com/news-features/top-cyber-attacks-2024/
Why OT environments are vulnerable – and what to do about it (2 dec) https://www.scworld.com/perspective/why-ot-environments-are-vulnerable-and-what-to-do-about-it
The cybersecurity landscape in 2025: Key trends and strategic shifts (3 dec) https://securitybrief.co.nz/story/the-cybersecurity-landscape-in-2025-key-trends-and-strategic-shifts
NCSC publishes Annual Review 2024 (3 dec) https://www.techuk.org/resource/ncsc-publishes-annual-review-2024.html
Why Phishers Love New TLDs Like .shop, .top and .xyz (3 dec) https://krebsonsecurity.com/2024/12/why-phishers-love-new-tlds-like-shop-top-and-xyz/
EU’s first ever report on the state of cybersecurity in the Union (3 dec) https://www.enisa.europa.eu/news/eus-first-ever-report-on-the-state-of-cybersecurity-in-the-union
FTC Takes Action Against Gravy Analytics, Venntel for Unlawfully Selling Location Data Tracking Consumers to Sensitive Sites (3 dec) https://www.ftc.gov/news-events/news/press-releases/2024/12/ftc-takes-action-against-gravy-analytics-venntel-unlawfully-selling-location-data-tracking-consumers
Gafgyt Malware Broadens Its Scope in Recent Attacks (3 dec) https://www.trendmicro.com/en_us/research/24/l/gafgyt-malware-targeting-docker-remote-api-servers.html
Cyber security evolves for software-defined vehicles (4 dec) https://www.automotiveworld.com/articles/connected-mobility-articles/cyber-security-evolves-for-software-defined-vehicles/
At least 8 US telcos, dozens of countries impacted by Salt Typhoon breaches, White House says (5 dec) https://therecord.media/eight-telcos-breached-salt-typhoon-nsc
Romania’s election systems targeted in over 85,000 cyberattacks (5 dec) https://www.bleepingcomputer.com/news/security/romanias-election-systems-targeted-in-over-85-000-cyberattacks/
Informationssäkerhet och blandat
The growing role of biometrics in identity verification (2 dec) https://www.biometricupdate.com/202412/the-growing-role-of-biometrics-in-identity-verification
Cybernav och insatsstyrkor – nu ska EU vässa cybersäkerheten (3 dec) https://computersweden.se/article/3616174/cybernav-och-insatsstyrkor-nu-ska-eu-vassa-cybersakerheten.html
New EU Regulation Establishes European ‘Cybersecurity Shield’ (3 dec) https://www.securityweek.com/new-eu-regulation-establishes-european-cybersecurity-shield/
INTERPOL campaign warns against cyber and financial crimes (3 dec) https://www.interpol.int/News-and-Events/News/2024/INTERPOL-campaign-warns-against-cyber-and-financial-crimes
Enhanced Visibility and Hardening Guidance for Communications Infrastructure (4 dec) https://www.cisa.gov/resources-tools/resources/enhanced-visibility-and-hardening-guidance-communications-infrastructure
CERT-SE i veckan
Kritiska sårbarheter i IBM Security Verify Access Appliance (3 dec) https://www.cert.se/2024/12/kritiska-sarbarheter-i-ibm-security-verify-access-appliance.html
Kritisk sårbarhet i Veeam Service Provider Console (4 dec) https://www.cert.se/2024/12/kritisk-sarbarhet-i-veeam-service-provider-console.html