CERT-SE's weekly newsletter, week 16
This week, MITRE announced that funding for the CVE database would cease. However, the cybersecurity agency CISA has since stated that it will continue to support the CVE program financially. Several other initiatives have also been launched to maintain a vulnerability database in the long term.
Otherwise, a mix of news from the week. CERT-SE wishes you a happy Easter!
News this week
Fortinet Warns Attackers Retain FortiGate Access Post-Patching via SSL-VPN Symlink Exploit (11 apr) https://thehackernews.com/2025/04/fortinet-warns-attackers-retain.html
Tycoon2FA phishing kit targets Microsoft 365 with new tricks (12 apr) https://www.bleepingcomputer.com/news/security/tycoon2fa-phishing-kit-targets-microsoft-365-with-new-tricks/
Hertz confirms customer info, drivers’ licenses stolen in data breach (14 apr) https://www.bleepingcomputer.com/news/security/hertz-confirms-customer-info-drivers-licenses-stolen-in-data-breach/
ResolverRAT Campaign Targets Healthcare, Pharma via Phishing and DLL Side-Loading (14 apr) https://thehackernews.com/2025/04/resolverrat-campaign-targets-healthcare.html
New SSL/TLS certs to each live no longer than 47 days by 2029 (14 apr) https://www.theregister.com/2025/04/14/ssl_tls_certificates/
Renewed APT29 Phishing Campaign Against European Diplomats (15 apr) https://research.checkpoint.com/2025/apt29-phishing-campaign/
CrazyHunter Campaign Targets Taiwanese Critical Sectors (16 apr) https://www.trendmicro.com/en_us/research/25/d/crazyhunter-campaign.html
Reports and analyses
Analysis of Threat Actor Activity (10 apr) https://www.fortinet.com/blog/psirt-blogs/analysis-of-threat-actor-activity
The hacker group holding your data hostage (14 apr) https://www.sverigesradio.se/avsnitt/hackergruppen-som-haller-din-data-gisslan
Meta slurps up EU user data for AI training (14 apr) https://www.malwarebytes.com/blog/uncategorized/2025/04/meta-slurps-up-eu-user-data-for-ai-training
Cyberattacks against the energy sector are increasing sharply (15 apr) https://www.aktuellsakerhet.se/cyberattacker-mot-energisektorn-okar-kraftigt/ ..
Could Cyberattacks ‘Turn the Lights Off’ in Europe? https://www.knowbe4.com/hubfs/Europe-Energy-Report-UK-EN.pdf
Information security and miscellaneous
Ransomware cost Ikea stores 220 million (14 apr) https://computersweden.se/article/3961479/ransomware-kostade-ikea-butiker-220-miljoner.html
IMY launches a supervisory investigation into Sportadmin (15 apr) https://www.svt.se/nyheter/inrikes/imy-inleder-tillsyn-mot-sportadmin ..
IMY launches a supervisory investigation into Sportadmin (15 apr) https://www.imy.se/nyheter/imy-inleder-tillsyn-mot-sportadmin/
AI makes bots easier to deploy and harder to detect (15 apr) https://betanews.com/2025/04/15/ai-makes-bots-easier-to-deploy-and-harder-to-detect/
Funding Expires for Key Cyber Vulnerability Database (15 apr) https://krebsonsecurity.com/2025/04/funding-expires-for-key-cyber-vulnerability-database/ ..
CISA extends funding to ensure ‘no lapse in critical CVE services’ (16 apr) https://www.bleepingcomputer.com/news/security/cisa-extends-funding-to-ensure-no-lapse-in-critical-cve-services/ ..
CVE program gets last-minute funding from CISA – and maybe a new home (16 apr) https://www.theregister.com/2025/04/16/cve_program_funding_save/
Russians lure European diplomats into malware trap with wine-tasting invite (16 apr) https://www.theregister.com/2025/04/16/cozy_bear_grapeloader/