Threat landscape 2023

Sorasec present the threat landscape every month. Nina Pettersen discusses various topics and present her findings.

Mars 2024  

This month we write about the realm of AI-related threats, and a collaboration between Microsoft Threat Intelligence and OpenAI. Together they disrupted the operations of five state-affiliated malicious actors.

Additionally, Norway has published the annual trio of public threat and risk assessments from NSM, PST and NIS. Our focus shifts to the insights contributed by NSM to the ongoing AI discourse, examining both the merits and drawbacks of this technology.

Follow this link to read more: Trusselvurdering mars 2024

Februar 2024

Reflecting on a challenging month, the Nordic region experienced notable cybersecurity incidents, including the Akira ransomware attack on Tietoevry’s data center in Sweden. Recent trends indicate Akira ransomware actors are focusing on data exfiltration, a strategic shift to mitigate detection risks.

Other incidents involved ransomware attacks on NBBL, a potential disruption at Matbørsen and a Russian hacker group accessing Microsoft executives’ email accounts.
DNB faced nearly 10,000 fraud attempts in 2023, a significant 45% increase from the previous year, totaling 1.8 billion Norwegian kroner.

Follow this link to read more: Trusselvurdering februar 2024

Januar 2024

Ongoing cyber threats in 2024 include APT28 exploiting the Israel-Hamas conflict, a rising trend of opportunistic ransomware attacks, and notable incidents in Norway and Sweden.
Companies face evolving ransomware tactics, emphasizing the need for advanced security measures and risk management solutions.

Follow this link to read more: Trusselvurdering januar 2024

December 2023

December brings festive vibes, but the cybersecurity risks are persisting even during the holiday season.
EDC, a Danish real estate firm, faced a major breach by the Black Basta hacker group, exposing sensitive data and demanding a $6 million ransom. On a positive note, international law enforcement successfully dismantled a prominent ransomware gang operating from Ukraine.
Google addressed a critical zero-day vulnerability in Chrome, and Bluetooth chips from major vendors like Qualcomm and Apple are susceptible to security flaws, allowing unauthorized access and data interception.

Follow this link to read more: Trusselvurdering desember 2023

November 2023:

Cybersecurity Update from Arash Mithraian: In November, cybercriminal profits exceeded the world’s third-largest economy. Recent incidents include a spear-phishing attack on the Norwegian Broadcasting Corporation using the Pass-The-Cookie technique to bypass multifactor authentication and vulnerabilities in Citrix where data from memory are exposed. Stay vigilant and implement recommended measures to bolster defences.

Follow this link to read more: Trusselvurdering_november 2023

October 2023:

In October, we celebrate the 20th anniversary of Cybersecurity Awareness Month. In this month’s threat image report, Nina gives you the four essential steps to stay safe online.
She also talks about the new crypter and loader called ASMCrypt, and Google’s recent Zero-Day Vulnerability.

Follow this link to read more: Trusselvurdering oktober 2023

September 2023:

In this month’s threat landscape report, Nina discusses smart cities and the looming cyber vulnerabilities they represent. She also highlights the growing AI-driven cyber threats. Stay informed as we delve into these critical topics.

Follow this link to read more: Trusselvurdering September 2023

August 2023: 

Hackers gained long-term access to Norway’s government mobile device system, causing concerns for national security. A joint advisory from NSM and CISA highlights cybersecurity issues. Plus, in the area of important information, foreign hackers went after Norwegian phone numbers to create chaos, showing that cyber threats can be different and tricky.

Follow this link to read more: Trusselvurdering August 2023

Juli 2023: 

As some countries kick off their holiday season and others await August, it’s crucial to stay alert against phishing and malware threats. LinkedIn is full of advice on staying safe online. Phishing attacks can lead to ransomware, where hackers steal credentials to infiltrate networks and encrypt data. A new ransomware group called MalasLocker stands out by not demanding ransoms, but instead, asking victims to donate to charities, with an unusual message about disliking corporations.
Lastly, a reminder for the C-Suite: a former CEO faced legal consequences for not adhering to data protection regulations, emphasizing the importance of cybersecurity compliance.

Follow this link to read more: Trusselvurdering Juli 2023

Juni 2023:

Iranian state actors employ Cyber-Enabled IO or psychological operations (PSYOPS) to influence other nations. They use SMS messaging and impersonate high-value figures for their operations. In Russia, an APT actor exploited iOS devices, while the NSA is raising awareness about North Korea’s social engineering and malware tactics.  Additionally, ‘Anonymous Sudan’ demanded $3 million from Scandinavian Airlines (SAS) to halt their DDoS attacks, shifting from hacktivism to extortion.

Follow this link to read more: Trusselvurdering Juni 2023

Mai 2023: 

Climate change and cybersecurity have an intricate connection, offering cyber-threat actors new opportunities like disrupting digital systems through extreme weather events, vulnerable green technologies, and geopolitical tensions leading to cyberwarfare. In March, the world encountered what is believed to be the first instance of a double supply chain attack, linked to North Korean-sponsored actors. Cyber threat actors have transitioned to employing Microsoft OneNote as a means to distribute malware, leading to real ransomware attacks.

Follow this link to read more: Trusselvurdering Mai 2023