Uppdaterad 2023-05-12 15:29 | Publicerad 2023-05-12 14:53 CERT-SE:s veckobrev v.19Veckans svep bjuder på blandad läsning med nyheter och fördjupningar. Det har även varit patchtisdag vilket CERT-SE uppmärksammat med flera publiceringar om viktiga säkerhetsuppdateringar, se länkar till dem längst ned. Trevlig helg önskar CERT-SE! Nyheter i veckanNy våg av cyberattacker mot svenska hemsidor (5 maj)https://sverigesradio.se/artikel/ny-vag-av-cyberattacker-mot-svenska-hemsidorNy lokal sårbarhet i Linux Netfilter (5 maj)https://kryptera.se/ny-lokal-sarbarhet-i-linux-netfilter/Deconstructing a Cybersecurity Event (5 maj)https://www.dragos.com/blog/deconstructing-a-cybersecurity-event/Meet Akira — A new ransomware operation targeting the enterprise (7 maj)https://www.bleepingcomputer.com/news/security/meet-akira-a-new-ransomware-operation-targeting-the-enterprise/IT-problem hos flera myndigheter – "Felsöker" (7 maj)https://sverigesradio.se/artikel/polisens-it-problem-felsoker...https://computersweden.idg.se/2.2683/1.778858/it-strul-pa-flera-hall-i-sverige--skatteverket-utsatt-for-angreppCERT-UA Warns of SmokeLoader and RoarBAT Malware Attacks Against Ukraine (8 maj)https://thehackernews.com/2023/05/cert-ua-warns-of-smokeloader-and.htmlT-Mobile US suffers second data theft within months (8 maj)https://www.theregister.com/2023/05/08/in_brief_security/Cyberattacks on health care are increasing. Inside one hospital's fight to recover (8 maj)https://www.npr.org/sections/health-shots/2023/05/08/1172569347/cyberattacks-on-health-care-are-increasing-inside-one-hospitals-fight-to-recoverFBI seizes 13 more domains linked to DDoS-for-hire services (8 maj)https://www.bleepingcomputer.com/news/security/fbi-seizes-13-more-domains-linked-to-ddos-for-hire-services/NextGen Healthcare says hackers accessed personal data of more than 1 million patients (8 maj)https://techcrunch.com/2023/05/08/nextgen-healthcare-data-breach/Intel investigating leak of Intel Boot Guard private keys after MSI breach (8 maj)https://www.bleepingcomputer.com/news/security/intel-investigating-leak-of-intel-boot-guard-private-keys-after-msi-breach/QR codes used in fake parking tickets, surveys to steal your money (8 maj)https://www.bleepingcomputer.com/news/security/qr-codes-used-in-fake-parking-tickets-surveys-to-steal-your-money/E-hälsomyndigheten ligger nere (9 maj)https://www.svt.se/nyheter/inrikes/e-halsomyndigheten-ligger-nereNew Ransomware Strain 'CACTUS' Exploits VPN Flaws to Infiltrate Networks (9 maj)https://thehackernews.com/2023/05/new-ransomware-strain-cactus-exploits.htmlCyberpolisen på NOA utreder it-angrepp mot myndigheter (9 maj)https://www.svt.se/nyheter/inrikes/cyberpolisen-pa-noa-utreder-it-angrepp-mot-myndigheterSpanish police dismantle phishing operation linked to crime ring (9 maj)https://www.bleepingcomputer.com/news/security/spanish-police-dismantle-phishing-operation-linked-to-crime-ring/Hunting Russian Intelligence “Snake” Malware (9 maj)https://www.cisa.gov/news-events/cybersecurity-advisories/aa23-129a...https://www.svt.se/nyheter/inrikes/fbi-knackte-ryskt-spionprogram-sverige-en-av-maltavlornaFake system update drops Aurora stealer via Invalid Printer loader (9 maj)https://www.malwarebytes.com/blog/threat-intelligence/2023/05/fake-system-update-drops-new-highly-evasive-loaderRoyal ransomware gang quickly expands reign (9 maj)https://www.scmagazine.com/news/ransomware/royal-ransomware-expands-reignNew ransomware decryptor recovers data from partially encrypted files (10 maj)https://www.bleepingcomputer.com/news/security/new-ransomware-decryptor-recovers-data-from-partially-encrypted-files/...https://www.darkreading.com/attacks-breaches/free-tool-unlocks-some-encrypted-data-in-ransomware-attacksNew phishing-as-a-service tool “Greatness” already seen in the wild (10 majhttps://blog.talosintelligence.com/new-phishing-as-a-service-tool-greatness-already-seen-in-the-wild/De startar nytt säkerhetscenter – vill hjälpa kommuner (10 maj)https://computersweden.idg.se/2.2683/1.778941/de-startar-nytt-sakerhetscenter--vill-hjalpa-kommunerThe frontman of the American alternative rock band Smashing Pumpkins, Billy Corgan, has revealed he paid hackers who stole the band’s songs (10 maj)https://securityaffairs.com/146029/cyber-crime/smashing-pumpkins-paid-ransom.htmlHackade Obama och Bidens Twitterkonton – 23-åring riskerar 70 års fängelse (10 maj)https://www.dn.se/varlden/hackade-obama-och-bidens-twitterkonton-23-aring-riskerar-70-ars-fangelse/...https://thehackernews.com/2023/05/mastermind-behind-twitter-2020-hack.htmlMultinational tech firm ABB hit by Black Basta ransomware attack (11 maj)https://www.bleepingcomputer.com/news/security/multinational-tech-firm-abb-hit-by-black-basta-ransomware-attack/Babuk Source Code Sparks 9 Different Ransomware Strains Targeting VMware ESXi Systems (11 maj)https://thehackernews.com/2023/05/babuk-source-code-sparks-9-new.htmlSå fungerar zero day-attacker – okända sårbarheter blir öppningar för attacker (11 maj
