The following posts are useful for general awareness of current threats, vulnerabilities, guidance, and other cyber-related news or updates. These resources have been curated by the WaterISAC analyst team as items of broad relevance and benefit that do not need supplemental analysis at this time.
ICS/OT
- SynSaber and ICS Advisory Project Identify Vulnerability Trends Within The Critical Infrastructure Sector (Dark Reading)
- New Report: Nozomi Networks Labs Finds Defenses Are Improving But Threats Continue to Rise (Nozomi Networks)
- This could prove valuable for utilities that use Schneider Electric components: Schneider Electric announces managed security services for OT environments (Industrial Cyber)
Vulnerabilities and Threats
- Since Ivanti vulnerabilities have been highly amplified recently, here’s a new one: CVE-2023-35082 - MobileIron Core Unauthenticated API Access Vulnerability (Rapid7)
- Even though targeting appears to be extremely limited, this is a notable attack chain to be aware of: Russian military hackers sent phishing lures masquerading as Microsoft Teams chats (The Record)
- Salesforce and Meta suffer phishing campaign that evades typical detection methods (HelpNetSecurity)
- What’s happening in the world of crimeware: Emotet, DarkGate and LokiBot (Securelist by Kaspersky)
Technical Posts (for security analysts, sysadmins, and other nerds)
- Using the Service Location Protocol (SLP) to Find Exposed Management Interfaces (Tenable)
- AD Security Assessments and Attack Paths | How to Achieve Greater Visibility (SentinelOne)
- Always good posts from PenTestPartners: Have you been compromised? (PenTestPartners)
Cyber Resilience & General Awareness
- The Most Important Part of the Internet You’ve Probably Never Heard Of (CISA)
- A Penetration Testing Buyer's Guide for IT Security Teams (The Hacker News)
- Is Your MSP Taking Its Own Security Seriously? (Tripwire)
- Transcending Silos: Improving Collaboration Between Threat Intelligence and Cyber Risk (Mandiant)
