Sorasec present the threat landscape every month. Nina Pettersen discusses various topics and present her findings.
Juli 2024
As Paris gears up for the 2024 Olympics, the cybersecurity battleground intensifies. With threats from state actors to sophisticated malware like the Vultur trojan, vigilance is our strongest defense.
Recent incidents include vulnerabilities in major software and breaches by groups like APT29, underscoring the need for proactive defense strategies. Additionally, vulnerabilities in legacy devices like the Netgear WNR614 router highlight ongoing security risks. Let’s stay vigilant and proactive in safeguarding digital landscapes globally.
Follow this link to read more: Trusselvurdering_juli2024
Juni 2024
With June’s arrival, cybercriminals face tough times. Operation Endgame, between May 27-29, targeted major cybercriminals known as droppers. But what are droppers, you might ask? Read and learn in this month’s newsletter!
In other news, VPN vulnerabilities are under constant attack. Check Point stepped up, addressing a major exploit on May 27.
And let’s not forget the Ticketmaster hack. ShinyHunters are selling data of 560 million users on the dark web, exploiting stolen credentials from a Snowflake breach. Cybersecurity never sleeps!
Follow this link to read more: Trusselvurdering_juni2024
Mai 2024
This month is all about phishing attacks. Kaspersky’s analysis reveals a significant rise in phishing attacks with a peak in May and June. Read about phishing prevention tips and the new enhanced real-time protection from Google, which protects against phishing attacks and malware.
Other updates include an ongoing SMS-based malware attempts targeting Finnish bank accounts, the cyberattack on Skanlog, and the Most recent online cybersecurity risks.
Follow this link to read more: Trusselvurdering_mai2024
April 2024
This month we write about the 2024 Sophos Threat Report, which highlights a significant increase in remote ransomware attacks on small and medium-sized businesses. These businesses are vulnerable due to factors like lack of experienced security staff and limited investment in cybersecurity.
Other updates include a data breach admission at Netcompany in Denmark and a breach at Avarn Security. The Pwn2Own hacking competition in March showcased advancements in cybersecurity research, with participants earning rewards for discovering vulnerabilities in Tesla cars and popular software.
Follow this link to read more: Trusselvurdering_april2024
Mars 2024
This month we write about the realm of AI-related threats, and a collaboration between Microsoft Threat Intelligence and OpenAI. Together they disrupted the operations of five state-affiliated malicious actors.
Additionally, Norway has published the annual trio of public threat and risk assessments from NSM, PST and NIS. Our focus shifts to the insights contributed by NSM to the ongoing AI discourse, examining both the merits and drawbacks of this technology.
Follow this link to read more: Trusselvurdering mars 2024
Februar 2024
Reflecting on a challenging month, the Nordic region experienced notable cybersecurity incidents, including the Akira ransomware attack on Tietoevry’s data center in Sweden. Recent trends indicate Akira ransomware actors are focusing on data exfiltration, a strategic shift to mitigate detection risks.
Other incidents involved ransomware attacks on NBBL, a potential disruption at Matbørsen and a Russian hacker group accessing Microsoft executives’ email accounts.
DNB faced nearly 10,000 fraud attempts in 2023, a significant 45% increase from the previous year, totaling 1.8 billion Norwegian kroner.
Follow this link to read more: Trusselvurdering februar 2024
Januar 2024
Ongoing cyber threats in 2024 include APT28 exploiting the Israel-Hamas conflict, a rising trend of opportunistic ransomware attacks, and notable incidents in Norway and Sweden.
Companies face evolving ransomware tactics, emphasizing the need for advanced security measures and risk management solutions.
Follow this link to read more: Trusselvurdering januar 2024
December 2023
December brings festive vibes, but the cybersecurity risks are persisting even during the holiday season.
EDC, a Danish real estate firm, faced a major breach by the Black Basta hacker group, exposing sensitive data and demanding a $6 million ransom. On a positive note, international law enforcement successfully dismantled a prominent ransomware gang operating from Ukraine.
Google addressed a critical zero-day vulnerability in Chrome, and Bluetooth chips from major vendors like Qualcomm and Apple are susceptible to security flaws, allowing unauthorized access and data interception.
Follow this link to read more: Trusselvurdering desember 2023
November 2023:
Cybersecurity Update from Arash Mithraian: In November, cybercriminal profits exceeded the world’s third-largest economy. Recent incidents include a spear-phishing attack on the Norwegian Broadcasting Corporation using the Pass-The-Cookie technique to bypass multifactor authentication and vulnerabilities in Citrix where data from memory are exposed. Stay vigilant and implement recommended measures to bolster defences.
Follow this link to read more: Trusselvurdering_november 2023
October 2023:
In October, we celebrate the 20th anniversary of Cybersecurity Awareness Month. In this month’s threat image report, Nina gives you the four essential steps to stay safe online.
She also talks about the new crypter and loader called ASMCrypt, and Google’s recent Zero-Day Vulnerability.
Follow this link to read more: Trusselvurdering oktober 2023
September 2023:
In this month’s threat landscape report, Nina discusses smart cities and the looming cyber vulnerabilities they represent. She also highlights the growing AI-driven cyber threats. Stay informed as we delve into these critical topics.
Follow this link to read more: Trusselvurdering September 2023
August 2023:
Hackers gained long-term access to Norway’s government mobile device system, causing concerns for national security. A joint advisory from NSM and CISA highlights cybersecurity issues. Plus, in the area of important information, foreign hackers went after Norwegian phone numbers to create chaos, showing that cyber threats can be different and tricky.
Follow this link to read more: Trusselvurdering August 2023
Juli 2023:
As some countries kick off their holiday season and others await August, it’s crucial to stay alert against phishing and malware threats. LinkedIn is full of advice on staying safe online. Phishing attacks can lead to ransomware, where hackers steal credentials to infiltrate networks and encrypt data. A new ransomware group called MalasLocker stands out by not demanding ransoms, but instead, asking victims to donate to charities, with an unusual message about disliking corporations.
Lastly, a reminder for the C-Suite: a former CEO faced legal consequences for not adhering to data protection regulations, emphasizing the importance of cybersecurity compliance.
Follow this link to read more: Trusselvurdering Juli 2023
Juni 2023:
Iranian state actors employ Cyber-Enabled IO or psychological operations (PSYOPS) to influence other nations. They use SMS messaging and impersonate high-value figures for their operations. In Russia, an APT actor exploited iOS devices, while the NSA is raising awareness about North Korea’s social engineering and malware tactics. Additionally, ‘Anonymous Sudan’ demanded $3 million from Scandinavian Airlines (SAS) to halt their DDoS attacks, shifting from hacktivism to extortion.
Follow this link to read more: Trusselvurdering Juni 2023
Mai 2023:
Climate change and cybersecurity have an intricate connection, offering cyber-threat actors new opportunities like disrupting digital systems through extreme weather events, vulnerable green technologies, and geopolitical tensions leading to cyberwarfare. In March, the world encountered what is believed to be the first instance of a double supply chain attack, linked to North Korean-sponsored actors. Cyber threat actors have transitioned to employing Microsoft OneNote as a means to distribute malware, leading to real ransomware attacks.
Follow this link to read more: Trusselvurdering Mai 2023
