The following posts are useful for general awareness of current cyber threats, vulnerabilities, guidance, and other cyber-related news or updates. These resources have been curated by the WaterISAC analyst team as items of broad relevance and benefit that do not need supplemental analysis at this time.
Critical Infrastructure Resilience
- Mastering the Art of Cyber Resilience in Operational Technology (Check Point)
- Secure Default Configuration, Insecure By Design & Secure By Design (Dale Peterson)
- Tenable OT Security: 2023 Year in Review (Tenable)
Critical Infrastructure Vulnerabilities, Threats & Incidents
- Hacker hijacks Orange Spain RIPE account to cause BGP havoc (BleepingComputer)
- OTORIO discloses critical vulnerabilities in physical access control systems used across building security (Industrial Cyber)
- Cyberattack on Massachusetts hospital disrupted records system, emergency services (The Record)
IT Vulnerabilities, Malware, Risks & Threats
- Qualcomm chip vulnerability enables remote attack by voice call (SC Magazine)
- Cybercriminals Implemented Artificial Intelligence (AI) for Invoice Fraud (Security Affairs)
- Several Infostealers Using Persistent Cookies to Hijack Google Accounts (SecurityWeek)
- Don’t trust links with known domains: BMW affected by redirect vulnerability (Security Affairs)
- How Russia’s NoName057(16) could be a new model for hacking groups (CSO Online)
- Malware Using Google MultiLogin Exploit to Maintain Access Despite Password Reset (The Hacker News)
- SMTP Smuggling: New Flaw Lets Attackers Bypass Security and Spoof Emails (The Hacker News)
- New Variant of DLL Search Order Hijacking Bypasses Windows 10 and 11 Protections (The Hacker News)
- Experts warn of JinxLoader loader used to spread Formbook and XLoader (Security Affairs)
- Microsoft disables app installation protocol abused by hackers (The Record)
Ransomware
- Experts Clash Over Ransomware Payment Ban (InfoSecurity Magazine)
- The top 4 ransomware gang failures of 2023 (Malwarebytes)
- New Black Basta decryptor exploits ransomware flaw to recover files (BleepingComputer)
- Ransomware Roundup - 8base (Fortinet)
Cyber Resilience
- Why you need to extend enterprise IT security to the mainframe (HelpNetSecurity)
- RAID Technology and the importance of disk encryption in data security (PenTestPartners)
- 5 Steps for Preventing and Mitigating Corporate Espionage (Dark Reading)
- Facts and misconceptions about cybersecurity budgets (HelpNetSecurity)
Technical Posts (for network defenders, security analysts, sysadmins, and other nerds)
- Interesting large and small malspam attachments from 2023 (SANS Internet Storm Center)
- Fingerprinting SSH Identification Strings (SANS Internet Storm Center)
- From DarkGate to AsyncRAT: Malware Detected and Shared As Unit 42 Timely Threat Intelligence (Unit 42)