CERT-SE's weekly newsletter, week 11

Weekly newsletter

Patch Tuesday, annual reports, scam text messages and digital wallets. A few words that sum up this edition of the weekly newsletter. CERT-SE wishes you a happy Pi Day and a nice weekend!

News this week

Ransomware gang encrypted network from a webcam to bypass EDR (6 mar) https://www.bleepingcomputer.com/news/security/ransomware-gang-encrypted-network-from-a-webcam-to-bypass-edr

18,000 Organizations Impacted by NTT Com Data Breach (7 mar) https://www.securityweek.com/18000-organizations-impacted-by-ntt-com-data-breach

CISA completed its election security review. It won’t make the results public (7 mar) https://cyberscoop.com/cisa-election-security-review-lacks-transparency

Reporting cyberattacks on critical infrastructure mandatory from 1 April 2025 (7 mar) https://www.ncsc.admin.ch/ncsc/en/home/aktuell/im-fokus/2025/meldepflicht-2025.html

Ballista Botnet Exploits Unpatched TP-Link Vulnerability, Infects Over 6,000 Devices (11 mar) https://thehackernews.com/2025/03/ballista-botnet-exploits-unpatched-tp.html

What Really Happened With the DDoS Attacks That Took Down X (11 mar) https://www.wired.com/story/x-ddos-attack-march-2025

LockBit Takedown: One Year On (11 mar) https://insight.scmagazineuk.com/lockbit-takedown-one-year-on

Donald Trump nominates Sean Plankey to head cyber agency CISA (11 mar) https://www.reuters.com/world/us/donald-trump-nominates-sean-plankey-head-cyber-agency-cisa-2025-03-11

DOGE axes CISA ‘red team’ staffers amid ongoing federal cuts (11 mar) https://techcrunch.com/2025/03/11/doge-axes-cisa-red-team-staffers-amid-ongoing-federal-cuts

CISA cuts $10 million annually from ISAC funding for states amid wider cyber cuts (12 mar) https://therecord.media/cisa-cuts-10-million-isac-funding

60 hybrid attacks against Europe – the trail points to Russia (12 mar) https://www.svt.se/nyheter/inrikes/60-hybridattacker-mot-europa-sparen-pekar-mot-ryssland

CISA and Partners Release Cybersecurity Advisory on Medusa Ransomware (12 mar) https://www.cisa.gov/news-events/alerts/2025/03/12/cisa-and-partners-release-cybersecurity-advisory-medusa-ransomware

Update Firefox to prevent add-ons issues from root certificate expiration (12 mar) https://support.mozilla.org/en-US/kb/root-certificate-expiration

Warning about scam text messages (12 mar) https://sakerhetskollen.se/aktuella-brott/varning-for-bluffsms

Volt Typhoon hackers were in Massachusetts utility’s systems for 10 months (12 mar) https://therecord.media/volt-typhoon-hackers-utility-months

Trump's USA changes the playing field – now Swedish CIOs must spread their risks (13 mar) https://computersweden.se/article/3839842/trumps-usa-andrar-spelplanen-nu-maste-svenska-cioer-sprida-riskerna.html

Cyber threats against Smedjebacken: “We see attacks happening daily” (13 mar) https://www.siljannews.se/smedjebacken/cyberhot-mot-smedjebacken-vi-ser-att-det-sker-dagliga-attacker

Fake Captcha Malware Attacking Windows Users To execute PowerShell Commands (13 mar) https://cybersecuritynews.com/fake-captcha-malware-attacking-windows-users

“A system that was secure five years ago may today be full of known security holes” (13 mar) https://www.energi-miljo.se/ett-system-som-var-sakert-for-fem-ar-sedan-kan-idag-vara-fullt-av-kanda-sakerhetshal

New AI project aims to stop cyberattacks against wireless networks (13 mar) https://www.miun.se/kontakt/press/nyhetsarkiv/2025-3/nytt-ai-projekt-ska-stoppa-cyberattacker-mot-tradlosa-natverk

Phishing campaign impersonates Booking .com, delivers a suite of credential-stealing malware (13 mar) https://www.microsoft.com/en-us/security/blog/2025/03/13/phishing-campaign-impersonates-booking-com-delivers-a-suite-of-credential-stealing-malware

At Ukraine’s major cyber conference, Europe takes center stage over US (13 mar) https://therecord.media/kyiv-cyber-conference-europe-center-stage-over-us

New SuperBlack ransomware exploits Fortinet auth bypass flaws (13 mar) https://www.bleepingcomputer.com/news/security/new-superblack-ransomware-exploits-fortinet-auth-bypass-flaws

Reports and analyses

Malvertising campaign leads to info stealers hosted on GitHub (6 mar) https://www.microsoft.com/en-us/security/blog/2025/03/06/malvertising-campaign-leads-to-info-stealers-hosted-on-github

Google Vulnerability Reward Program: 2024 in Review (7 mar) https://security.googleblog.com/2025/03/vulnerability-reward-program-2024-in.html

Fortinet Identifies Malicious Packages in the Wild: Insights and Trends from November 2024 Onward (10 mar) https://www.fortinet.com/blog/threat-research/fortinet-identifies-malicious-packages-in-the-wild-insights-and-trends

February in Estonian cyberspace: phishing and scams set the tone (10 mar) https://www.ria.ee/en/news/february-estonian-cyberspace-phishing-and-scams-set-tone

Säkerhetspolisen 2024/2025 (11 mar) https://sakerhetspolisen.se/om-sakerhetspolisen/publikationer/sakerhetspolisens-lagesbild/sakerhetspolisen-2024-2025/sammanfattning.html

ANSSI Cyber threat overview 2024 (11 mar) https://cyber.gouv.fr/en/publications/cyber-threat-overview-2024

AI-Assisted Fake GitHub Repositories Fuel SmartLoader and LummaStealer Distribution (11 mar) https://www.trendmicro.com/en_us/research/25/c/ai-assisted-fake-github-repositories.html

Ghost in the Router: China-Nexus Espionage Actor UNC3886 Targets Juniper Routers (12 mar) https://cloud.google.com/blog/topics/threat-intelligence/china-nexus-espionage-targets-juniper-routers

IT-ISAC IT Sector Cyber Threat Report - March 2025 (12 mar) https://www.it-isac.org/_files/ugd/b9866c_a8fb8f55d6aa4c07871008fea8fceda9.pdf

Patch it up: Old vulnerabilities are everyone’s problems (13 mar) https://blog.talosintelligence.com/patch-it-up-old-vulnerabilities-are-everyones-problems

Not my job – Distribution of responsibility for cybersecurity at workplaces critical to society (13 mar) https://foi.se/rapporter/rapportsammanfattning.html?reportNo=FOI-R--5669--SE

Abusing with style: Leveraging cascading style sheets for evasion and tracking (13 mar) https://blog.talosintelligence.com/css-abuse-for-evasion-and-tracking

Information security and miscellaneous

Girls' weekend - Discover Cybersecurity! (8 mar) https://www.fro.se/education/tjejhelg-upptack-cybersakerhet-

Digg develops digital ID wallet – will cost at least 140 million (10 mar) https://computersweden.se/article/3840198/digg-utvecklar-digital-id-planbok-kostar-minst-140-miljoner.html

$16B health dept managed finances with single Excel spreadsheet. It hasn’t gone well (10 mar) https://www.theregister.com/2025/03/10/nz_health_excel_spreadsheet

Disobey 2025 Presentations (12 mar) https://www.youtube.com/playlist?list=PLLvAhAn5sGfhfK7hPrndZ4s367x0aPM7k

CERT-SE this week

GitLab fixes serious vulnerabilities (14 mar) https://www.cert.se/2025/03/gitlab-rattar-allvarliga-sarbarheter.html

SAP's monthly security updates for March 2025 (12 mar) https://www.cert.se/2025/03/saps-manatliga-sakerhetsuppdateringar-for-mars-2025.html

Adobe's monthly security updates for March 2025 (12 mar) https://www.cert.se/2025/03/adobes-manatliga-sakerhetsuppdateringar-for-mars-2025.html

Fortinet's monthly security updates for March 2025 (12 mar) https://www.cert.se/2025/03/fortinets-manatliga-sakerhetsuppdateringar-for-mars-2025.html

Microsoft's monthly security updates for March 2025 (12 mar) https://www.cert.se/2025/03/microsofts-manatliga-sakerhetsuppdateringar-for-mars-2025.html