CERT-SE's weekly newsletter, week 24

Weekly newsletter

This Friday we would like to highlight our theme page with advice and support for preventing and handling denial-of-service attacks: https://www.cert.se/tema/ddos/


CERT-SE wishes you a pleasant weekend!

News this week

Swish disruptions resolved (5 jun) https://www.gp.se/ekonomi/swish-storningar-losta-.9a71bc15-8705-5f17-a462-371147d22a48

Newly identified wiper malware “PathWiper” targets critical infrastructure in Ukraine (5 jun) https://blog.talosintelligence.com/pathwiper-targets-ukraine/

EU adopts blueprint to better manage European cyber crises and incidents (6 jun)  https://www.consilium.europa.eu/en/press/press-releases/2025/06/06/eu-adopts-blueprint-to-better-manage-european-cyber-crises-and-incidents/

Parts of SVT were down after denial-of-service attack (8 jun) https://sverigesradio.se/play/artikel/8974888

..

SVT hit by a new denial-of-service attack (10 jun) https://www.svt.se/nyheter/inrikes/svt-har-tekniska-problem-sv0se2

New Supply Chain Malware Operation Hits npm and PyPI Ecosystems (8 jun) https://thehackernews.com/2025/06/new-supply-chain-malware-operation-hits.html

Arkana Ransomware Group Allegedly Claims Breach of Ticketmaster Databases (9 jun)  https://cybersecuritynews.com/arkana-ransomware-group-claims-major-breach/

Stolen Ticketmaster data from Snowflake attacks briefly for sale again (9 jun)  https://www.bleepingcomputer.com/news/security/stolen-ticketmaster-data-from-snowflake-attacks-briefly-for-sale-again/

Major food wholesaler says cyberattack impacting distribution systems (9 jun) https://therecord.media/major-food-wholesaler-cyberattack-impacting-distribution

Two Botnets, One Flaw: Mirai Spreads Through Wazuh Vulnerability (9 jun) https://www.akamai.com/blog/security-research/botnets-flaw-mirai-spreads-through-wazuh-vulnerability

Trump Cybersecurity Executive Order Targets Digital Identity, Sanctions Policies (9 jun) https://www.securityweek.com/trump-cybersecurity-executive-order-targets-digital-identity-sanctions-policies/

Chinese spy crew appears to be preparing for conflict by backdooring 75+ critical orgs (9 jun) https://www.theregister.com/2025/06/09/china_malware_flip_switch_sentinelone/

Cyberattacks are increasing and getting worse: “The goal is to harm Sweden” (10 jun) https://www.svt.se/nyheter/inrikes/cyberattackerna-okar-och-bli-varre-malet-ar-att-skada-sverige

Ongoing cyberattack at US grocery distributor giant UNFI affecting customer orders (10 jun) https://techcrunch.com/2025/06/10/ongoing-cyberattack-at-us-grocery-distributor-giant-unfi-affecting-customer-orders/

Five Zero-Days, 15 Misconfigurations Found in Salesforce Industry Cloud (10 jun) https://www.securityweek.com/five-zero-days-15-misconfigurations-found-in-salesforce-industry-cloud/

Sensata Technologies Hit by Ransomware Attack – Operations Impacted (10 jun) https://cybersecuritynews.com/sensata-technologies-ransomware-attack/

Hack of Contractor Was at Root of Massive Federal Data Breach (10 jun) https://www.claimsjournal.com/news/national/2025/06/10/331059.htm

MSB on increased cyberattacks: “The situation is serious” (11 jun) https://www.svt.se/nyheter/inrikes/msb-om-okade-cyberattacker-laget-ar-allvarligt

Folksam warns of new scam SMS (11 jun) https://sakerhetskollen.se/aktuella-brott/folksam-varnar-for-nytt-bluff-sms

20,000 malicious IPs and domains taken down in INTERPOL infostealer crackdown (11 jun) https://www.interpol.int/News-and-Events/News/2025/20-000-malicious-Ips-and-domains-taken-down-in-INTERPOL-infostealer-crackdown

Google Cloud and Cloudflare hit by widespread service outages (12 jun) https://www.bleepingcomputer.com/news/technology/google-cloud-and-cloudflare-hit-by-widespread-service-outages/

..

Cloudflare: Outage not caused by security incident, data is safe (13 jun) https://www.bleepingcomputer.com/news/security/cloudflare-outage-not-caused-by-security-incident-data-is-safe/

MSB presents a new framework for assessing the impact of IT incidents (12 jun) https://www.msb.se/sv/aktuellt/nyheter/2025/juni/msb-presenterar-ett-nytt-ramverk-for-bedomning-av-it-incidenters-paverkan/

Reports and analyses

Creating the right organisational culture for cyber security (4 jun) https://www.ncsc.gov.uk/blog-post/creating-the-right-organisational-culture-for-cyber-security

Constant “operational disruptions” and cyberattacks – how is Sweden's preparedness doing? (6 jun) https://www.sverigesradio.se/avsnitt/standiga-driftstorningar-och-cyberattacker-hur-mar-sveriges-beredskap

Steal, deal and repeat: How cybercriminals trade and exploit your data (11 jun) https://www.europol.europa.eu/publication-events/main-reports/steal-deal-and-repeat-how-cybercriminals-trade-and-exploit-your-data

CISO who helped unmask Badbox warns: Version 3 is coming (11 jun) https://www.theregister.com/2025/06/11/badbox_round_three/

Fog Ransomware: Unusual Toolset Used in Recent Attack (12 jun) https://www.security.com/threat-intelligence/fog-ransomware-attack

Cloudflare sees massive rise in attacks targeting media, nonprofits and human rights groups (12 jun) https://siliconangle.com/2025/06/12/cloudflare-sees-massive-rise-attacks-targeting-media-nonprofits-human-rights-groups/

File Data: The Hidden Ransomware Threat Costing Enterprises Millions (12 jun) https://securityboulevard.com/2025/06/file-data-the-hidden-ransomware-threat-costing-enterprises-millions/

Information security and miscellaneous

DanaBleed: DanaBot C2 Server Memory Leak Bug (9 jun) https://www.zscaler.com/blogs/security-research/danableed-danabot-c2-server-memory-leak-bug

US air traffic control still runs on Windows 95 and floppy disks (9 jun) https://arstechnica.com/information-technology/2025/06/faa-to-retire-floppy-disks-and-windows-95-amid-air-traffic-control-overhaul/

What Held the Internet Together for 20 Years and Why It’s Now at Risk (10 jun) https://www.internetsociety.org/news/press-releases/2025/what-held-the-internet-together-for-20-years-and-why-its-now-at-risk/

Hire me! To drop malware on your computer (11 jun) https://www.theregister.com/2025/06/11/crooks_posing_job_hunters_target_recruiters/

Protect yourself against denial-of-service attacks (12 jun) https://www.ncsc.se/sv/aktuellt/skydda-dig-mot-overbelastningsangrepp/

CISA Releases Guide to Protect Network Edge Devices From Hackers (12 jun) https://cybersecuritynews.com/cisa-guide-network-edge-devices-2/

Cyber Security: You do a fire drill – so do a cyber attack drill (12 jun) https://www.scottishlegal.com/articles/cyber-security-you-do-a-fire-drill-so-do-a-cyber-attack-drill

Hackers Advertising New Blackhat Tool Nytheon AI on Popular Hacking Forums (12 jun) https://cybersecuritynews.com/nytheon-ai-blackhat-tool/

Kivra launches its own bank ID (12 jun) https://www.svd.se/a/bm1zrg/kivra-lanserar-eget-bank-id

CERT-SE this week

Serious vulnerability in Cisco ISE when operated via cloud services (10 jun) https://www.cert.se/2025/06/allvarlig-sarbarhet-i-cisco-ISE-vid-drift-via-molntjanster.html

Patch Tuesday June 2025 – collected information on the month's security updates (11 jun) https://www.cert.se/2025/06/patchtisdag-juni-2025-samlad-information-om-manadens-sakerhetsuppdateringar.html

Critical vulnerability in Roundcube (updated 11 jun) https://www.cert.se/2025/06/kritisk-sarbarhet-i-roundcube.html

Critical vulnerability in HPE Insight Remote Support (12 jun) https://www.cert.se/2025/06/kritisk-sarbarhet-i-hpe-insight-remote-support.html

Vulnerabilities in several products from Splunk (12 jun) https://www.cert.se/2025/06/sarbarheter-i-flera-prukter-fran-splunk.html

Advice and support regarding denial-of-service attacks (12 jun) https://www.cert.se/2025/06/rad-och-stod-gallande-overbelastningsangrepp.html