The following posts are useful for general awareness of current threats, vulnerabilities, guidance, and other cyber-related news or updates. These resources have been curated by the WaterISAC analyst team as items of broad relevance and benefit that do not need supplemental analysis at this time.
ICS/OT/SCADA Cybersecurity
- Common TTPs of attacks against industrial organizations. Implants for remote access (Kaspersky ICS-CERT)
- Recently Patched GE Cimplicity Vulnerabilities Reminiscent of Russian ICS Attacks (Security Week)
- Linux Ransomware Poses Significant Threat to Critical Infrastructure (Dark Reading)
- 5 Ways to Enhance Asset Tracking Efficiency With LoRaWAN (International Society of Automation)
- Key Concepts of ISA/IEC 62443 (Dragos)
- The Distinction Between Asset Management and Asset Inventory in Operational Technology and Their Roles in Cybersecurity (Industrial Defender)
- Utility Experts Highlight Chinese Threat to US Electric Grid (GovInfoSecurity)
Vulnerability Notifications – Patch ’em if ya got ’em!
- Citrix ADC Vulnerability CVE-2023-3519, 3466 and 3467 - Patch Now! (SANS Internet Storm Center)
- Adobe emergency patch fixes new ColdFusion zero-day used in attacks (Bleeping Computer)
Threat Awareness
- This is a really good one for security analysts/system administrators: Escalating Privileges via Third-Party Windows Installers (Mandiant)
- Pernicious Rootkits Pose Growing Blight On Threat Landscape (Dark Reading)
Ransomware Awareness
- Cybersecurity firm Sophos impersonated by new SophosEncrypt ransomware (Bleeping Computer)
Security Awareness (posts in this section may be useful to share with users and/or add to security awareness curriculum, reminders, or refreshers)
- This one may be practical to share with users for their personal security/safety: Plane sailing for ticket scammers: How to keep your flight plans safe (Malwarebytes)
- HTML Attachments Used in Malicious Phishing Campaigns Skyrocket: Increase 168% from 2022 and 450% from 2021 (Cofense)
- Threat actors keep using it because it keeps working: Microsoft Dominates as the Most Impersonated Brand for Phishing Scams in Q2 2023 (Check Point)
Cyber Resilience
- Security Awareness Training Isn’t Working – How Can We Improve It? (Security Week)
- Vulnerability Monitoring: Reducing Third-Party Risk (Intel471)
- Cybersecurity measures SMBs should implement (HelpNetSecurity)
- Strengthening Cyber Defenses | A Guide to Enhancing Modern Tabletop Exercises (SentinelOne)