CERT-SE's weekly newsletter, week 44

Weekly newsletter

This week's reading includes, as usual, a good number of reports and analyses, but also a summary of the successful Cybersäkerhetskonferensen (the Cybersecurity Conference), which was held last week.

CERT-SE wishes you a pleasant weekend!

News this week

UN cybercrime treaty to be signed in Hanoi to tackle global offences (25 Oct) https://www.reuters.com/sustainability/society-equity/un-cybercrime-treaty-be-signed-hanoi-tackle-global-offences-2025-10-25/

Cyberattack against Svenska kraftnät (27 Oct) https://computersweden.se/article/4079315/omfattande-cyberattack-mot-svenska-kraftnat.html

Advertising giant Dentsu reports data breach at subsidiary Merkle (28 Oct) https://www.bleepingcomputer.com/news/security/advertising-giant-dentsu-reports-data-breach-at-subsidiary-merkle/

Canada says hacktivists breached water and energy facilities (29 Oct) https://www.bleepingcomputer.com/news/security/canada-says-hacktivists-breached-water-and-energy-facilities/

Technical problems with cloud services (29 Oct) https://www.svt.se/nyheter/utrikes/tekniska-problem-med-molntjanster
Microsoft Outage Hits Azure, 365, Xbox, Minecraft and More (29 Oct) https://hackread.com/microsoft-outage-azure-365-xbox-minecraft/

Major telecom supplier compromised by unnamed nation-state attackers (29 Oct) https://www.theregister.com/2025/10/29/major_telco_networking_provider_compromised/

New Attack Targets DDR5 Memory to Steal Keys From Intel and AMD TEEs (29 Oct) https://www.securityweek.com/new-attack-targets-ddr5-memory-to-steal-keys-from-intel-and-amd-tees/

CISA Shares New Threat Detections for Actively Exploited WSUS Vulnerability (30 Oct) https://cybersecuritynews.com/cisa-threat-detections-wsus-vulnerability/

Reports and analyses

New CoPhish attack steals OAuth tokens via Copilot Studio agents (25 Oct) https://www.bleepingcomputer.com/news/security/new-cophish-attack-steals-oauth-tokens-via-copilot-studio-agents/

AI-Powered Ransomware Is the Emerging Threat That Could Bring Down Your Organization (25 Oct) https://cybersecuritynews.com/ai-powered-ransomware/

Fewer pay ransoms, but preparedness against ransomware is lacking (26 Oct) https://www.securityworldmarket.com/se/Nyheter/Foretagsnyheter/farre-betalar-losensummor---men-beredskap-mot-ransomware-saknas

Uncovering Qilin attack methods exposed through multiple cases (26 Oct) https://blog.talosintelligence.com/uncovering-qilin-attack-methods-exposed-through-multiple-cases/
Qilin ransomware abuses WSL to run Linux encryptors in Windows (28 Oct) https://www.bleepingcomputer.com/news/security/qilin-ransomware-abuses-wsl-to-run-linux-encryptors-in-windows/

Aisuru Botnet Shifts from DDoS to Residential Proxies (28 Oct) https://krebsonsecurity.com/2025/10/aisuru-botnet-shifts-from-ddos-to-residential-proxies/

New Beast Ransomware Actively Scans for Active SMB Port from Breached System to Spread Across Network (29 Oct) https://cybersecuritynews.com/new-beast-ransomware-actively-scans-for-active-smb-port/

Lesson From Cisco ASA 0-Day RCE Vulnerability That Actively Exploited In The Wild (29 Oct) http://cybersecuritynews.com/lessons-cisco-asa-0-day-rce-vulnerability/

Information security and miscellaneous

Cybersäkerhetskonferensen 2025: Together we strengthen our digital society (24 Oct) https://www.ncsc.se/sv/aktuellt/tillsammans-starker-vi-vart-digitala-samhalle/

Signicat to secure Europe's digital identities in new EU project (24 Oct) https://www.aktuellsakerhet.se/signicat-ska-sakra-europas-digitala-identiteter-i-nytt-eu-projekt/

Fake number, real damage: Europol urges action against caller ID spoofing (27 Oct) https://www.europol.europa.eu/media-press/newsroom/news/fake-number-real-damage-europol-urges-action-against-caller-id-spoofing

BTH joins the national cybersecurity initiative Cybercampus Sverige (28 Oct) https://www.aktuellsakerhet.se/bth-ansluter-till-nationella-cybersakerhetssatsningen-cybercampus-sverige/

New Android Trojan ‘Herodotus’ Outsmarts Anti-Fraud Systems by Typing Like a Human (28 Oct) https://thehackernews.com/2025/10/new-android-trojan-herodotus-outsmarts.html

MITRE Unveils ATT&CK v18 With Updates to Detections, Mobile, ICS (29 Oct) https://www.securityweek.com/mitre-unveils-attck-v18-with-updates-to-detections-mobile-ics/

CERT-SE this week

Critical vulnerability in Windows Server Update Services (Updated 27 Oct) https://www.cert.se/2025/10/kritisk-sarbarhet-i-windows-server-update-services.html