CERT-SE:s veckobrev v.2

CERT-SE:s veckobrev är tillbaka, och omfattar denna gång insamling från den 20 december och framåt. Årsskiftet bjuder som vanligt på diverse sammanfattningar av 2024, liksom framåtblickande analyser.

Från CERT-SE:s sida vill vi med detta veckobrev trycka lite extra på att ta del av NCSC:s nypublicerade rapport, Cybersäkerhet i Sverige 2024: https://www.ncsc.se/siteassets/publikationer/cybersakerhet-i-sverige-2024.pdf

Trevlig helg!

Nyheter

Brazilian Hacker Charged for Extorting $3.2M in Bitcoin After Breaching 300,000 Accounts (26 dec) https://thehackernews.com/2024/12/brazilian-hacker-charged-for-extorting.html

Japan Airlines Was Hit by a Cyberattack, Delaying Flights During the Year-End Holiday Season (26 dec) https://www.securityweek.com/japan-airlines-was-hit-by-a-cyberattack-delaying-flights-during-the-year-end-holiday-season/

Volkswagen Data Breach: 800,000 Electric Car Owners’ Data Leaked (27 dec) https://cybersecuritynews.com/volkswagen-data-breach/

Cyber attack on Italy’s Foreign Ministry, airports claimed by pro-Russian hacker group (28 dec) https://www.reuters.com/technology/cybersecurity/cyber-attack-italys-foreign-ministry-airports-claimed-by-pro-russian-hacker-2024-12-28/

US Treasury Department breached through remote support platform (30 dec) https://www.bleepingcomputer.com/news/security/us-treasury-department-breached-through-remote-support-platform/

Chinese APT Exploits BeyondTrust API Key to Access U.S. Treasury Systems and Documents (31 dec) https://thehackernews.com/2024/12/chinese-apt-exploits-beyondtrust-api.html

US Army soldier arrested in connection with AT&T, Verizon data breaches (31 dec) https://siliconangle.com/2024/12/31/us-army-soldier-arrested-connection-att-verizon-data-breaches/

US sanctions Russian and Iranian entities for interfering in presidential election (31 dec) https://therecord.media/2024-election-influence-operations-russia-iran-sanctions

Bad Likert Judge: A Novel Multi-Turn Technique to Jailbreak LLMs by Misusing Their Evaluation Capability (31 dec) https://unit42.paloaltonetworks.com/multi-turn-technique-jailbreaks-llms/

The biggest cybersecurity and cyberattack stories of 2024 (1 jan) https://www.bleepingcomputer.com/news/security/the-biggest-cybersecurity-and-cyberattack-stories-of-2024/

Krafttag mot telefonfusket: Stoppar 50 000 samtal per dag (2 jan) https://sverigesradio.se/artikel/telebolagen-gar-samman-for-att-hindra-nummerbedragarna

Hackers target dozens of VPN and AI extensions for Google Chrome to compromise data (2 jan) https://therecord.media/hackers-target-vpn-ai-extensions-google-chrome-malicious-updates

IT-attack visade på samhällets sårbarhet (4 jan) https://www.vasterbottningen.se/2025-01-04/it-attack-visade-pa-samhallets-sarbarhet-7b8ba

Is Your Car Spying on You? What It Means That Tesla Shared Data in the Las Vegas Explosion (6 jan) https://www.securityweek.com/is-your-car-spying-on-you-what-it-means-that-tesla-shared-data-in-the-las-vegas-explosion/

Salt Typhoon targets more US telecoms in widening attack campaign (7 jan) https://www.techmonitor.ai/technology/cybersecurity/salt-typhoon-targets-more-us-telecoms-widening-attack-campaign

Cyberattack i Spanien försenar de nya Krösatågen (9 jan) https://sverigesradio.se/artikel/cyberattack-i-spanien-forsenar-de-nya-krosatagen

Rapporter och födjupningar

Top 10 Identity Attacks in 2024: Protecting Credentials in a Digital World (27 dec) https://socradar.io/top-10-identity-attacks-in-2024-protecting-credentials/

These were the badly handled data breaches of 2024 (31 dec) https://techcrunch.com/2024/12/31/badly-handled-data-breaches-2024/

Cyber Threat Intelligence Review: Preparing for 2025 (1 jan) https://www.infosecurity-magazine.com/news-features/cyber-threat-intelligence-review/

FOI rapport: Rysslands cybersäkerhet sämre än väntat (1 jan) https://sverigesradio.se/artikel/rapport-rysslands-cybersakerhet-samre-an-vantat

NCSC-SE: Cybersäkerhet i Sverige 2024 (2 jan) https://www.ncsc.se/sv/aktuellt/cybersakerhet-i-sverige-2024/

Cybersecurity in 2025: A Look Back at 2024’s Biggest Cyber Attacks & Lessons for the Future (6 jan) https://socradar.io/cybersecurity-in-2025-2024s-biggest-cyber-attacks-lessons-for-future/

FBI varnar – svenska cyberexperten: ”Jag litar inte på några sms i dag” (3 jan) https://www.svt.se/nyheter/inrikes/fbi-varnar-svenska-cyberexperten-jag-litar-inte-pa-nagra-sms-i-dag

Säkerhet och AI – här är vad svenska cio:er pratar om i år (7 jan) https://computersweden.se/article/3630847/sakerhet-och-ai-har-ar-vad-svenska-cioer-pratar-om-i-ar.html

IoCs under the microscope: Enhancing cybersecurity through timely intelligence (7 jan) https://www.devdiscourse.com/article/technology/3210889-iocs-under-the-microscope-enhancing-cybersecurity-through-timely-intelligence

Informationssäkerhet och blandat

INTERPOL welcomes adoption of UN convention against cybercrime (23 dec) https://www.interpol.int/News-and-Events/News/2024/INTERPOL-welcomes-adoption-of-UN-convention-against-cybercrime

Kommuner försöker mota cyberattacker – men får inte in experter (26 dec) https://sverigesradio.se/artikel/kommuner-har-svart-att-locka-experter-pa-it-sakerhet

Då är Sverige i krig – cyberangrepp kan spela roll (28 dec) https://www.gp.se/nyheter/sverige/da-ar-sverige-i-krig-cyberangrepp-kan-spela-roll.9e656107-950f-4fd0-aacf-ca5860744df5

US govt launches cybersecurity safety label for smart devices (7 jan) https://www.bleepingcomputer.com/news/security/us-govt-launches-cybersecurity-safety-label-for-smart-devices/

IoCs under the microscope: Enhancing cybersecurity through timely intelligence (7 jan) https://betanews.com/2025/01/09/how-can-organizations-mitigate-the-security-risks-caused-by-human-error/

Nytt från CERT-SE

Microsofts månatliga säkerhetsuppdateringar för december 2024 (3 jan) https://www.cert.se2024/12/microsofts-manatliga-sakerhetsuppdateringar-for-december-2024.html

Kritisk sårbarhet i SonicWall SonicOS (8 jan) https://www.cert.se2025/01/kritisk-sarbarhet-i-sonicwall-sonicos.html

Kritisk sårbarhet i Ivanti Connect Secure, Policy Secure och ZTA Gateways https://www.cert.se/2025/01/kritisk-sarbarhet-ivanti-connect-secure-policy-secure-och-zta-gateways.html

Kritisk sårbarhet i Mitel MiCollab (10 jan) (uppdaterad) https://www.cert.se/2024/12/kritisk-sarbarhet-i-mitel-micollab.html