The following posts are useful for general awareness of current threats, vulnerabilities, guidance, and other cyber-related news or updates. These resources have been curated by the WaterISAC analyst team as items of broad relevance and benefit that do not need supplemental analysis at this time.
ICS/OT/SCADA Vulnerabilities & Threats
- Siemens has 21 advisories on its own site today: Siemens Security Advisories (Siemens)
- ICS Patch Tuesday: Critical CodeMeter Vulnerability Impacts Several Siemens Products (Security Week)
- Exploiting Automation License Manager using DFS for PCS 7 Takeover (Otorio)
- 'Redfly' hackers infiltrated power supplier's network for 6 months (Bleeping Computer)
Critical Infrastructure Resilience
- Security by design’s shining moment: Cybersecurity for the energy transformation (UtilityDive)
- Four Key Challenges to Managing OT Cyber Risk (Dragos)
- Asset Identification Using OT Protocols (SynSaber)
- OT Security: Risks, Challenges and Securing your Environment (Tripwire)
- Five characteristics of highly capable industrial switches (Cisco)
- The Multi-Faceted Capabilities of Advanced Threat Detection Systems in OT Cybersecurity (Radiflow)
- DOE adds two new resources to advance awareness, implementation of CIE in energy sector (Industrial Cyber)
IT Malware & Threats
- Sophisticated Phishing Campaign Deploying Agent Tesla, OriginBotnet, and RedLine Clipper (The Hacker News)
- macOS MetaStealer | New Family of Obfuscated Go Infostealers Spread in Targeted Attacks (SentinelOne)
- Overcoming the Rising Threat of Session Hijacking (Dark Reading)
- Root Admin User: When Do Common Usernames Pose a Threat? (ISMG | GovInfoSecurity)
- Rise in Tech-Support Scams Abusing Windows Action Center Notifications (Zscaler)
- Cybercriminals Using PowerShell to Steal NTLMv2 Hashes from Compromised Windows (The Hacker News)
- The Initial Access Broker Economy: A Deep Dive into Dark Web Hacking Forums (Bleeping Computer)
- Evolution of USB-Borne Malware, Raspberry Robin (Huntress)
IT Vulnerabilities
- Vulnerabilities Allow Hackers to Hijack, Disrupt Socomec UPS Devices (Security Week)
- Cisco, Juniper Networks address vulnerabilities (SC Magazine)
- Apple fixes 0-Day Vulnerability in Older Operating Systems (SANS Internet Storm Center)
- Apple discloses 2 new zero-days exploited to attack iPhones, Macs (Bleeping Computer)
- Google Fixed the Fourth Chrome Zero-day of 2023 (Security Affairs)
Ransomware Awareness
- Cisco ASA Zero-Day Exploited in Akira Ransomware Attacks (Security Week)
- Cuba Ransomware Group Unleashes Undetectable Malware (Infosecurity Magazine)
- The main causes of ransomware reinfection (Malwarebytes)
- Don’t focus on ransomware variants, say UK’s national cyber and crime agencies (The Record)
- A history of ransomware: How did it get this far? (Malwarebytes)
Cyber Resilience
- AT&T Cybersecurity serves as critical first responder during attack on municipality (AT&T Cybersecurity)
- Security and privacy laws, regulations, and compliance: The complete guide (CSO Online)
- The Defense Window is Closing: Why Declining Dwell Times Is Concerning (CSO Online)
- 10 Mistakes in Cybersecurity and How to Avoid Them (Tripwire)
- Senators want a special government unit to help small businesses with cyberattacks (SC Magazine)
General Awareness & Reports
- Chrome's "Enhanced Ad Privacy": What you need to know (Malwarebytes)
- Forescout reports network infrastructure under siege, as ransomware continues to be ‘most lucrative and active’ (Industrial Cyber)
Technical Posts (for security analysts, sysadmins, and other nerds)
