CERT-SE:s veckobrev v.27
I veckans rapportering hittar vi bland annat “Samlade förmågor för ökad cybersäkerhet - Betänkande av Utredningen om ett stärkt nationellt cybersäkerhetscenter”.
Vi passar på att redan nu förvarna om att det efter nästa fredags veckobrev blir tre veckors uppehåll i veckobrevspubliceringen.
Trevlig helg önskar CERT-SE!
Nyheter i veckan
FBI warns of Scattered Spider’s expanding attacks on airlines using social engineering (28 jun) https://thehackernews.com/2025/06/fbi-warns-of-scattered-spiders.html
Switzerland says government data stolen in ransomware attack (30 jun) https://www.bleepingcomputer.com/news/security/switzerland-says-government-data-stolen-in-ransomware-attack/
…
Cyberattack on Radix: Federal Administration data also affected (30 jun) https://www.news.admin.ch/en/newnsb/T5AZeWNEPFGe
Kivra varnar för sms-bedrägerier (30 jun) https://www.svt.se/nyheter/inrikes/kivra-varnar-for-sms-bedragerier
Europol dismantles $540 million cryptocurrency fraud network, arrest five suspects (30 jun) https://thehackernews.com/2025/06/europol-dismantles-540-million.html
U.S. Agencies warn of rising Iranian cyberattacks on defense, OT networks and critical infrastructure (30 jun) https://thehackernews.com/2025/06/us-agencies-warn-of-rising-iranian.html
Norwegian dam valve forced open for hours in cyberattack (30 jun) https://hackread.com/norwegian-dam-valve-forced-open-hours-in-cyberattack/
FBI: Cybercriminals steal health data posing as fraud investigators (30 jun) https://www.bleepingcomputer.com/news/security/fbi-warns-cybercriminals-steal-health-data-posing-as-fraud-investigators
ICC detects and contains new sophisticated cyber security incident (30 jun) https://www.icc-cpi.int/news/icc-detects-and-contains-new-sophisticated-cyber-security-incident
…
International Criminal Court targeted by new ‘sophisticated attack’ (1 jul) https://therecord.media/international-criminal-court-cyberattack-2025
Australiens största flygbolag hackat – 6 miljoner kunder påverkade (2 jul) https://computersweden.se/article/4016133/australiens-storsta-flygbolag-hackat-6-miljoner-kunder-paverkade.html
Chinese Hackers Target France in Ivanti Zero-Day Exploit Campaign (2 jul) https://www.infosecurity-magazine.com/news/chinese-hackers-france-ivanti
Hackers Exploit ConnectWise ScreenConnect Installers to Deploy Signed Remote Access Malware (2 jul) https://www.cysecurity.news/2025/07/hackers-exploit-connectwise.html
Hunters International ransomware shuts down, releases free decryptors (3 jul) https://www.bleepingcomputer.com/news/security/hunters-international-ransomware-shuts-down-after-world-leaks-rebrand/
EU Launches Plan to Implement Quantum-Secure Infrastructure (4 jul) https://www.infosecurity-magazine.com/news/eu-plan-quantum-secure/
Rapporter och analyser
Teardown: How Scattered Spider hacked a logistics firm (27 jun) https://www.govinfosecurity.com/teardown-how-scattered-spider-hacked-logistics-firm-a-28846
Cisco Talos: Malicious AI models are behind a new wave of cybercrime (28 jun) https://hackread.com/malicious-ai-models-wave-of-cybercrime-cisco-talos/
More than 25% of UK businesses hit by cyber-attack in last year, report finds (30 jun) https://www.theguardian.com/business/2025/jun/30/uk-businesses-hit-by-cyber-attack-last-year-report
DCRAT Impersonating the Colombian Government (1 jul) https://www.fortinet.com/blog/threat-research/dcrat-impersonating-the-columbian-government
New Report Uncovers Major Overlaps in Cybercrime and State-Sponsored Espionage (1 jul) https://www.infosecurity-magazine.com/news/major-overlaps-cybercrime-espionage/
Sovereign by Design: Data Control in a Borderless World (3 jul) https://www.govinfosecurity.com/sovereign-by-design-data-control-in-borderless-world-a-28891
Informationssäkerhet och blandat
CISA: New Guidance Released for Reducing Memory-Related Vulnerabilities (24 jun) https://www.cisa.gov/resources-tools/resources/memory-safe-languages-reducing-vulnerabilities-modern-software-development
‘Your reservation is at risk’: beware the Booking.com scam (29 jun) https://www.theguardian.com/money/2025/jun/29/your-reservation-is-at-risk-beware-the-bookingcom-scam
Bluetooth flaws could let hackers spy through your microphone (29 jun) https://www.bleepingcomputer.com/news/security/bluetooth-flaws-could-let-hackers-spy-through-your-microphone/
Beredskapen för krig stärks vid landets radio- och tv-master (29 jun) https://www.sverigesradio.se/artikel/beredskapen-for-krig-starks-vid-landets-radio-och-tv-master
Denmark moves to protect personal identity from deepfakes with new copyright law (30 jun) https://securityaffairs.com/179464/laws-and-regulations/denmark-moves-to-protect-personal-identity-from-deepfakes-with-new-copyright-law.html
Samlade förmågor för ökad cybersäkerhet - Betänkande av Utredningen om ett stärkt nationellt cybersäkerhetscenter (1 jul) https://regeringen.se/rattsliga-dokument/statens-offentliga-utredningar/2025/07/sou-202579
CVE Program Launches Two New Forums to Enhance CVE Utilization (2 jul) https://www.infosecurity-magazine.com/news/cve-program-new-user-researcher/
CERT-SE i veckan
Sårbarheter i Citrix NetScaler (uppdaterad 30 jun) https://www.cert.se/2025/06/sarbarheter-i-citrix-netscaler.html
Sårbarhet i Wing FTP Server (2 jul) https://www.cert.se/2025/07/sarbarhet-i-wing-ftp-server.html
Kritisk sårbarhet i Cisco Unified CM (3 jul) https://www.cert.se/2025/07/kritisk-sarbarhet-i-cisco-unified-cm.html