CERT-SE:s veckobrev v.4VeckobrevMed anledning av den senaste veckans händelser har detta veckobrev ett tydligt ransomware-tema. Läs det nationella cybersäkerhetscentrets publicering med information om incidentkoordinering, råd och rekommendationer och CERT-SE:s nya temasida med råd gällande förebyggande och hantering av Ransomware. Trevlig helg! Nyheter i veckanUPPDATERING: Ransomware-attack påverkar Tietoevrys tjänster för vissa kunder i Sverige (21 jan) https://www.tietoevry.com/se/nyhetsrum/alla-nyheter-och-pressmeddelanden/ovriga-nyheter/2024/01/uppdatering-kring-ransomware-attack-i-ett-av-tietoevrys-svenska-datacenter/ ..Tietoevry: Det systematiska återställningsarbetet fortsätter efter ransomware-attacken – de första kundsystemen är igång igen (25 jan) https://www.tietoevry.com/se/nyhetsrum/alla-nyheter-och-pressmeddelanden/pressmeddelande/2024/01/tietoevry-det-systematiska-aterstallningsarbetet-fortsatter-efter-ransomware-attacken--de-forsta-kundsystemen-ar-igang/IT-störningar hos Region Uppsala (21 jan) https://regionuppsala.se/politik-och-paverkan/pressrum/2024/januari/it-storningar-hos-region-uppsala/Cyberattack påverkar Tietoevrys tjänster till ett antal kunder i Sverige (21 jan) https://www.statenssc.se/nyheter/nyhetsarkiv/2024-01-21-cyberattack-paverkar-tietoevrys-tjanster-till-ett-antal-kunder-i-sverige ..Lönesystem för över 120 myndigheter utslaget (22 jan) https://www.dn.se/ekonomi/fortsatta-problem-efter-omfattande-it-attack/Due to a ransomware attack at a hosting provider Munters releases preliminary fourth quarter and full year results 2023 (22 jan) https://www.munters.com/en/media/press-releases/20242/due-to-a-ransomware-attack-at-a-hosting-provider-munters-releases-preliminary-fourth-quarter-and-full-year-results-2023/Cyberattack mot Tietoevry slår hårt – många drabbade (22 jan) https://computersweden.idg.se/2.2683/1.780796/cyberattack-mot-tietoevry-slar-hart-manga-drabbadeTrello API abused to link email addresses to 15 million accounts (23 jan) https://www.bleepingcomputer.com/news/security/trello-api-abused-to-link-email-addresses-to-15-million-accounts/Kasseika Ransomware Deploys BYOVD Attacks, Abuses PsExec and Exploits Martini Driver (23 jan) https://www.trendmicro.com/en_us/research/24/a/kasseika-ransomware-deploys-byovd-attacks-abuses-psexec-and-expl.htmlWater services giant Veolia North America hit by ransomware attack (23 jan) https://www.bleepingcomputer.com/news/security/water-services-giant-veolia-north-america-hit-by-ransomware-attack/Warning As 26 Billion Records Leak: Dropbox, LinkedIn, Twitter Named (23 jan) https://www.forbes.com/sites/daveywinder/2024/01/23/massive-26-billion-record-leak-dropbox-linkedin-twitterx-all-named/amp/Miljoner lösenord till Facebook och Netflix läckta: ”Saftig siffra” (24 jan) https://www.svt.se/nyheter/inrikes/miljontals-losenord-till-facebook-och-netflix-har-lacktAnother Phobos Ransomware Variant Launches Attack – FAUST (25 jan) https://www.fortinet.com/blog/threat-research/phobos-ransomware-variant-launches-attack-faustLocal governments in Colorado, Pennsylvania and Missouri dealing with ransomware (25 jan) https://therecord.media/local-governments-across-us-dealing-with-ransomwareUkrainian energy giant, postal service, transportation agencies hit by cyberattacks (25jan) https://therecord.media/ukraine-cyberattacks-energy-postal-transportationKansas State, Clackamas Community College respond to cyberattacks (25 jan) https://therecord.media/kansas-state-university-ccc-oregon-cyberattacksMidnight Blizzard: Guidance for responders on nation-state attack (25 jan) https://www.microsoft.com/en-us/security/blog/2024/01/25/midnight-blizzard-guidance-for-responders-on-nation-state-attack/Informationssäkerhet och blandatRansomware Cases Increased by 73% in 2023 showing our actions have not been enough to thwart the threat (15 jan) https://www.sans.org/blog/ransomware-cases-increased-greatly-in-2023/Water and Wastewater Sector - Incident Response Guide (18 jan) https://www.cisa.gov/resources-tools/resources/water-and-wastewater-sector-incident-response-guide-0Inside the SYSTEMBC Command-and-Control Server (19 jan) https://www.kroll.com/en/insights/publications/cyber/inside-the-systembc-malware-serverMånga myter kring rysk cyber­krigföring mot Ukraina (19 jan) https://www.foi.se/nyheter-och-press/nyheter/2023-12-19-manga-myter-kring-rysk-cyberkrigforing-mot-ukraina.html ..Rapporten: https://www.foi.se/rapporter/rapportsammanfattning.html?reportNo=FOI-R--5513--SEEngaging with Artificial Intelligence (AI) (24 jan) https://www.cyber.gov.au/resources-business-and-government/governance-and-user-education/governance/engaging-with-artificial-intelligenceSignificant increase in ransomware activity found in Talos IR engagements, while education remains one of the most-targeted sectors (24 jan) https://blog.talosintelligence.com/talos-ir-quarterly-report-q4-2023/Global ransomware threat expected to rise with AI, NCSC warns (24 jan) https://www.ncsc.gov.uk/news/g

Source: Dagens Nyheter January 26, 2024 13:37 UTC