CERT-SE:s veckobrev v.13

Veckobrev

Vi vill denna vecka tipsa om en färsk rapport från NCSC, Överbelastningsangrepp mot kritisk infrastruktur i Norden och Baltikum hösten 2024: https://www.ncsc.se/sv/aktuellt/overbelastningsangrepp-mot-kritisk-infrastruktur/

Vi påminner även om World Backup Day nu på måndag, den 31 mars. Trevlig helg!

Nyheter i veckan

CAPE from Cuckoo v1 – Malware Sandbox to Execute Malicious Files in An Isolated Environment (25 mar) https://cybersecuritynews.com/cape-from-cuckoo-v1-malware-sandbox-to-execute-malicious-files/

Chinese Hackers Breach Asian Telecom, Remain Undetected for Over 4 Years (25 mar) https://thehackernews.com/2025/03/chinese-hackers-breach-asian-telecom.html

Omfattande cyberattack mot Ukrainas järnvägsbolag (25 mar) https://computersweden.se/article/3853593/omfattande-cyberattack-mot-ukrainas-jarnvagsbolag.html

Malaysia PM says country rejected $10 million ransom demand after airport outages (25 mar) https://therecord.media/malaysia-pm-says-country-rejected-ransom-demand-airport-cyberattack

150,000 Sites Compromised by JavaScript Injection Promoting Chinese Gambling Platforms (27 mar) https://thehackernews.com/2025/03/150000-sites-compromised-by-javascript.html

Pakistan APT Hackers Create Weaponized IndiaPost Website to Attack Windows & Android Users (27 mar) https://cybersecuritynews.com/pakistan-apt-hackers-create-weaponized-indiapost-website/

Gamaredon campaign abuses LNK files to distribute Remcos backdoor (28 mar) https://blog.talosintelligence.com/gamaredon-campaign-distribute-remcos/

Rapporter och analyser

Dark Web Mentions of Malicious AI Tools Spike 200% (25 mar) https://www.infosecurity-magazine.com/news/dark-web-mentions-malicious-ai/

Privacy-boosting tech could prevent breaches, data misuse with government aid, report says (25 mar) https://cyberscoop.com/privacy-boosting-tech-could-prevent-breaches-data-misuse-with-government-aid-report-says/

Grid Security: New Vulnerabilities in Solar Power Systems Exposed (27 mar) https://www.forescout.com/blog/grid-security-new-vulnerabilities-in-solar-power-systems-exposed/

Överbelastningsangrepp mot kritisk infrastruktur i Norden och Baltikum hösten 2024 (28 mar) https://www.ncsc.se/sv/aktuellt/overbelastningsangrepp-mot-kritisk-infrastruktur/

Report warns that browser-native ransomware is a growing threat to enterprise data (28 mar) https://siliconangle.com/2025/03/28/report-warns-browser-native-ransomware-growing-threat-enterprise-data/

Informationssäkerhet och blandat

Worldwide Security Spending to Increase by 12.2% in 2025 as Global Cyberthreats Rise, Says IDC (21 mar) https://www.idc.com/getdoc.jsp?containerId=prEUR253264525

Despite challenges, the CVE program is a public-private partnership that has shown resilience (24 mar) https://cyberscoop.com/cve-program-history-mitre-nist-1999-2024/

Security Tech That Can Make a Difference During an Attack (25 mar) https://www.darkreading.com/cybersecurity-operations/east-west-monitoring-visibility-critical-apt-detection

Så bygger Läkemedelsverket egen generativ AI (25 mar) https://computersweden.se/article/3852631/sa-bygger-lakemedelsverket-egen-generativ-ai.html

OTF, which backs Tor, Let’s Encrypt and more, sues to save its funding from Trump cuts (25 mar) https://www.theregister.com/2025/03/25/otf_tor_lets_encrypt_funding_lawsuit/

UK fines software provider £3.07 million for 2022 ransomware breach (26 mar) https://www.bleepingcomputer.com/news/security/uk-fines-software-provider-307-million-for-2022-ransomware-breach/

12 Cybercriminals Arrested Following Takedown of Ghost Communication Platform (27 mar) https://cybersecuritynews.com/12-cybercriminals-arrested-following-takedown/

Good security practice for domain registrars (27 mar) https://www.ncsc.gov.uk/collection/security-practice-domain-registrars

Trumptopparnas uppgifter läckta – kan ha hackats (27 mar) https://www.svt.se/nyheter/utrikes/trumptopparnas-uppgifter-lackta-kan-ha-hackats

Polisen varnar potentiella utförare av överbelastningsattacker (27 mar) https://polisen.se/aktuellt/nyheter/nationell/2025/mars/polisen-varnar-potentiella-utforare-av-overbelastningsattacker/

EU Commission looks to cut overlap in tech directives -Virkkune (27 mar) https://www.reuters.com/technology/eu-commission-looks-cut-overlap-tech-directives-virkkunen-2025-03-27/

CERT-SE i veckan

Kritisk sårbarhet åtgärdas i Next.js (24 mar) https://www.cert.se/2025/03/kritisk-sarbarhet-paverkar-next.js.html

Kritisk sårbarhet i Kubernetes-komponent (uppdaterad 26 mar) https://www.cert.se/2025/03/kritisk-sarbarhet-i-kubernetes-komponent.html