Weekly Update from CERT-SE: Week 39 – www.cert.se

Morgan Phisher September 30, 2023

Hey folks! Exciting news—European Cybersecurity Month is just around the corner. Always up for a good challenge? Then you’ll be excited to know CERT-SE is getting things rolling. They’ve got some pretty cool threats and challenges lined up. Safe hunting!

This past week had some riveting cybersecurity episodes. Hackers were at loggerheads, splitting hairs over who was responsible for the cyber attack on Sony. Well, that tested the resilience of their digital fortress. Meanwhile, the City of Dallas was counting the cost of a ransomware attack. Pretty steep, from what I hear.

You’d think it stops there. But the security glitch at one of the labor unions could have potentially compromised member data. On a similar note, the Kuwait Ministry of Finance fell prey to the Rhysida ransomware group. Speaking of ransomware attacks, Johnson Controls was under pressure too, with a group demanding a whopping $51 million following a cyber attack. Grim scene there.

The plug got pulled on Volkswagen’s factories because of a network failure. Back home, Göteborgsregionen’s IT systems experienced a breach – not a good week for tech, huh? And, it seems like the Medusa ransomware was not done yet. They hit the Philippine state insurer next. Feeling breathless already? Yeah, it was that kind of week!

There was quite a bit of chatter on the analytical front too. The MGM Resorts International incident told the story of a ransomware attack by ALPHV/Blackcat/Scattered Spider. The first half of 2023 saw roughly 8 million DDoS attacks. That’s a staggering number, isn’t it? We also saw an interesting variant on the ZeroFont phishing technique. Heck, LockBit 3.0 even made it to the infamous hacking list in August owing to a decline in ransomware attacks.

It appears that Chinese cyber actors were having a ball hiding in router firmware. Some researchers cracked open a new RCE exploit chain for SharePoint. The FBI highlighted that ransomware victims were now getting hit within 48-hour windows.

Remember the phishing attack via Dropbox? Turns out, Microsoft had its field day too with a breach resulting in the theft of 60,000 State Dept emails.

The European Cybersecurity Month kicks off on the first of October, which promises to be quite an event. There’s also this flagship cybersecurity contest in the UK that school teachers are being encouraged to have their students participate in.

Meanwhile, have you ever wondered what “Secure by Design” truly means? On a related note, the National Security Agency is setting up an artificial intelligence security center. Exciting times ahead! CERT-SE dropped some updates and reported critical vulnerabilities in Progress WS_FTP and Cisco products, so keep an eye out.

Alright, let’s stay safe out there, people, and keep those cyber defenses up. With the state of things, we should be locked, loaded, and ready to go. Can’t wait to see how the Cybersecurity Month unfolds! Let’s do this! Later!
