The following posts are useful for general awareness of current threats, vulnerabilities, guidance, and other cyber-related news or updates. These resources have been curated by the WaterISAC analyst team as items of broad relevance and benefit that do not need supplemental analysis at this time.

• Update Chrome now! Google fixes critical vulnerability in Autofill payments – Malwarebytes
• Calm In The Storm: Reviewing Volt Typhoon – Huntress
• CVE-2023-34362: MOVEit Vulnerability Timeline of Events – Rapid7
• VMware ESXi Zero-Day Used by Chinese Espionage Actor to Perform Privileged Guest Operations on Compromised Hypervisors – Mandiant
• NERC’s Internal Network Security Monitoring (INSM) Standard: Why and Why Now? – Nozomi Networks
• Attack Surface Management Strategies – TrendMicro
• The 2023 Threat Report – At a Glance – Waterfall
• Cyber liability insurance vs. data breach insurance: What's the difference? – CSO Online
• Three Reasons Why Your Email Security is Failing – Cofense
• Microsoft links Cadet Blizzard APT to Russia’s military intelligence GRU – Security Affairs