The following posts are useful for general awareness of current threats, vulnerabilities, guidance, and other cyber-related news or updates. These resources have been curated by the WaterISAC analyst team as items of broad relevance and benefit that do not need supplemental analysis at this time.
Critical Infrastructure Resilience
- Living Off the Land Attacks and Countermeasures in Industrial Control Systems (SANS)
- Electric Power System Cybersecurity Vulnerabilities (Trend Micro)
- New York State Comptroller reports on cyber attacks that have potential to shut down critical infrastructure systems (Industrial Cyber)
- Hacktivists in Palestine and Israel after SCADA and other industrial control systems (Security Affairs)
IT Vulnerabilities & Threats
- Hackers hijack Citrix NetScaler login pages to steal credentials (Bleeping Computer)
- Tripwire Patch Priority Index for September 2023 (Tripwire)
- D-Link WiFi range extender vulnerable to command injection attacks (Bleeping Computer)
- HTTP/2 Rapid Reset: deconstructing the record-breaking attack (Cloudflare)
Cyber Resilience & General Awareness
- Moving beyond vulnerability scanning to strengthen your attack surface (Security Intelligence)
- Is your IR plan DOA? (Red Canary)
- Phishing Emails Are More Believable Than Ever. Here’s What to Do About It. (Fortinet)
- FTC Data Shows Consumers Report Losing $2.7 Billion to Social Media Scams Since 2021 (FTC)
