The following posts are useful for general awareness of current threats, vulnerabilities, guidance, and other cyber-related news or updates. These resources have been curated by the WaterISAC analyst team as items of broad relevance and benefit that do not need supplemental analysis at this time.
ICS/OT/SCADA
- Detecting Risk in OT Environments: The Basics (SynSaber)
- Researchers uncovered new worming second-stage tools used to locally exfiltrate data from air-gapped ICS environments, putting threat actors one step away from transmitting the information to a C2. The attackers aimed to establish a permanent channel for data exfiltration, including sensitive information stored on air-gapped systems.
- APT31 Implants Target Industrial Organizations (Infosecurity Magazine)
- Air-Gapped ICS Systems Targeted by Sophisticated Malware (Dark Reading)
Threats
- Beyond File Search: A Novel Method for Exploiting the "search-ms" URI Protocol Handler (Trellix)
- 200 Canon Printer Models May Expose Wi-Fi Connection Data (SecurityWeek)
- Understanding the Evolution of Modern Business Email Compromise Attacks (SentinelOne)
- How to protect legacy IT systems (Kaspersky)
- The Nightmare Of Destructive Malware | From Wiper To SwiftSlicer (SentinelOne)
- IcedID Malware Adapts and Expands Threat with Updated BackConnect Module (The Hacker News)
Ransomware Awareness
- Ransomware Delivery URLs: Top Campaigns and Trends (Palo Alto Unit 42)
General Awareness
- Enabling Cyber Resilience in the Public Sector (Fortinet)
- Florida mandates cybersecurity training for state workers (SC Magazine)