The following posts are useful for general awareness of current threats, vulnerabilities, guidance, and other cyber-related news or updates. These resources have been curated by the WaterISAC analyst team as items of broad relevance and benefit that do not need supplemental analysis at this time.
ICS/OT/SCADA Threats and other Critical Infrastructure Resilience
- Defending Against Ransomware in Industrial Control Systems (SANS)
- Montreal electricity organization latest victim in LockBit ransomware spree (The Record)
- AlphV group takes credit for ransomware attack on Georgia county (The Record)
- The OT Supply Chain Threat (Industrial Cyber)
- Interesting and cool: DOE launches cyber contest to benefit rural utilities (CyberScoop)
Qakbot Takedown News
- Data From The Qakbot Malware is Now Searchable in Have I Been Pwned, Courtesy of the FBI (Troy Hunt)
- Check Point Shares Analysis of Qakbot Malware Group (Check Point)
- The removal of Qakbot from infected computers is just the first step (Help Net Security)
- How the FBI nuked Qakbot malware from infected Windows PCs (BleepingComputer)
IT Vulnerabilities & Threats
- Cisco VPNs with no MFA enabled hit by ransomware groups (Help Net Security)
- Splunk Patches High-Severity Flaws in Enterprise, IT Service Intelligence (SecurityWeek)
- Multiple Vulnerabilities in VMware Aria Operations for Networks Could Allow for Remote Code Execution (Center for Internet Security)
- BGP Flaw Can Be Exploited for Prolonged Internet Outages (SecurityWeek)
- How to ensure DNS records don’t become a security hazard (SC Media)
Ransomware Awareness
- 2023 ThreatLabz State of Ransomware (Zscaler)
- Why Criminals Keep Reusing Leaked Ransomware Builders (GovInfoSecurity)
Cyber Resilience & General Awareness
- The 7 Tenets of Threat Intelligence Operations – Tenet #4 – Go Beyond IoCs (ThreatConnect)
- Alert fatigue: A 911 cyber call center that never sleeps (Security Intelligence)
- MOVEit Breach Shows Us SQL Injections Are Still Our Achilles' Heel (Dark Reading)
- Delinea Research Reveals a Cyber Insurance Gap (Dark Reading)
- Here's What Your Breach Response Plan Might Be Missing (Dark Reading)
- Might be a good one to share with users: Home Office / Small Business Hurricane Prep (SANS Internet Storm Center)
Technical Posts (for security analysts, sysadmins, and other nerds)
- Qakbot Malware Takedown and Defending Forward (Huntress)
- SapphireStealer: Open-source information stealer enables credential and data theft (Talos)
- The low, low cost of (committing) cybercrime (SANS Internet Storm Center)