CERT-SE:s veckobrev v.31VeckobrevVi kliver in i augusti med ett matigt och varierat nyhetssvep med djupdykningar i skadlig kod och angreppsmetoder, kritiska säkerhetshål och cybersäkerhetshändelser från världen över. Trevlig helg önskar CERT-SE! Nyheter i veckanAcronis warns of Cyber Infrastructure default password abused in attacks (26 jul) https://www.bleepingcomputer.com/news/security/acronis-warns-of-cyber-infrastructure-default-password-abused-in-attacks/French Internet Lines Cut in Latest Attack During Olympics (28 jul) https://www.bnnbloomberg.ca/business/company-news/2024/07/29/french-internet-cables-severed-in-latest-attack-during-olympics/French authorities launch disinfection operation to eradicate PlugX malware from infected hosts (28 jul) https://securityaffairs.com/166213/cyber-crime/plugx-malware-disinfection-operation.htmlServiceNow Critical RCE Bugs Under Active Exploit (29 jul) https://www.darkreading.com/cloud-security/patchnow-servicenow-critical-rce-bugs-active-exploitTransportstyrelsen varnar för falska mejl (29 jul) https://sakerhetskollen.se/aktuella-brott/transportstyrelsen-varnar-for-falska-mejlIntruders at HealthEquity rifled through storage, stole 4.3M people’s data (29 jul) https://www.theregister.com/2024/07/29/healthequity_says_data_breach_affects/Proofpoint Email Routing Flaw Exploited to Send Millions of Spoofed Phishing Emails (29 jul) https://thehackernews.com/2024/07/proofpoint-email-routing-flaw-exploited.html .. https://labs.guard.io/echospoofing-a-massive-phishing-campaign-exploiting-proofpoints-email-protection-to-dispatch-3dd6b5417db6New Jersey City University hacked by ransomware group demanding $700K (29 jul) https://www.nj.com/hudson/2024/07/new-jersey-city-university-hacked-by-ransomware-group-demanding-700k.htmlMicrosoft 365 users targeted by phishers abusing Microsoft Forms (29 jul) https://www.helpnetsecurity.com/2024/07/29/microsoft-365-phishing-forms/Attackers (Crowd)Strike with Infostealer Malware (29 jul) https://perception-point.io/blog/attackers-crowdstrike-with-infostealer-malware/Dark Angels ransomware receives record-breaking $75 million ransom (30 jul) https://www.bleepingcomputer.com/news/security/dark-angels-ransomware-receives-record-breaking-75-million-ransom/Microsoft: Latest outage was sparked by cyber attack on Azure platform (30 jul) https://www.standard.co.uk/business/business-news/microsoft-latest-outage-was-sparked-by-cyber-attack-on-azure-platform-b1173933.html .. https://www.bleepingcomputer.com/news/microsoft/microsoft-365-and-azure-outage-takes-down-multiple-services/New SideWinder Cyber Attacks Target Maritime Facilities in Multiple Countries (30 jul) https://thehackernews.com/2024/07/new-sidewinder-cyber-attacks-target.htmlRansomware attack on major US blood center prompts hundreds of hospitals to implement shortage protocols (31 jul) https://therecord.media/ransomware-attack-blood-center-shortage-protocols-hospitals .. https://www.securityweek.com/ransomware-attack-hits-oneblood-blood-bank-disrupts-medical-operations/Exploited Vulnerability Could Impact 20k Internet-Exposed VMware ESXi Instances (1 aug) https://www.securityweek.com/exploited-vulnerability-could-impact-20k-internet-exposed-vmware-esxi-instances/ .. https://thehackernews.com/2024/07/vmware-esxi-flaw-exploited-by.htmlOver 1 Million Domains at Risk of ‘Sitting Ducks’ Domain Hijacking Technique (1 aug) https://thehackernews.com/2024/08/over-1-million-domains-at-risk-of.html?m=1StackExchange abused to spread malicious PyPi packages as answers (1 aug) https://www.bleepingcomputer.com/news/security/stackexchange-abused-to-spread-malicious-pypi-packages-as-answers/FBI warns of scammers posing as crypto exchange employees (1 aug) https://www.bleepingcomputer.com/news/security/fbi-warns-of-scammers-posing-as-crypto-exchange-employees/ICO reprimands UK Electoral Commission over cyberattack that left voter data exposed (1 aug) https://www.techradar.com/pro/ico-reprimands-uk-electoral-commission-over-cyberattack-that-left-voter-data-exposedColumbus investigating potential data leak after ransomware attack (1 aug) https://therecord.media/columbus-investigating-data-leak-ransomware-attackOver 300 Indian banks suffer payment disruption from ransomware attack (1 aug) https://www.csoonline.com/article/3480250/over-300-indian-banks-suffer-payment-disruption-from-ransomware-attack.htmlAcadian Ambulance Services Leaks Protected Health Information After Cyber Attack (1 aug) https://www.cpomagazine.com/cyber-security/acadian-ambulance-services-leaks-protected-health-information-after-cyber-attack/NCA shuts down major fraud platform responsible for 1.8 million scam calls (1 aug) https://www.nationalcrimeagency.gov.uk/news/nca-shuts-down-major-fraud-platform-responsible-for-1-8-million-scam-callsRapporter och fördjupningarÅrsrapport 2023: Latvian Cybersecurity and CERT.LV Technical Activities (26 jul) https://cert.lv/en/2024/07/latvian-cybersecurity-and-cert-lv-technical-activities-annual-re
Source: The Guardian August 02, 2024 17:54 UTC