The following posts are useful for general awareness of current cyber threats, vulnerabilities, guidance, and other cyber-related news or updates. These resources have been curated by the WaterISAC analyst team as items of broad relevance and benefit that do not need supplemental analysis at this time.
Critical Infrastructure
- Deadline looms for alleged LockBit extortion of Feds over 33TB of data | SCMagazine
- LockBit claims the hack of the US Federal Reserve | Security Affairs
- Car Dealerships in North America Revert to Pens and Paper After Cyberattacks on Software Provider | SecurityWeek
- CDK Global outage caused by BlackSuit ransomware attack | BleepingComputer
- Gaining Network Transparency with Asset Discovery and Compliance for IT/OT | Tripwire
- What Is OT Cyber Threat Intelligence? | Dragos
- MITRE launches ACID to boost OT security with ATT&CK-based indicators using CISA’s ICSNPP Parsers | Industrial Cyber
- Analyzing role of C-Level executives, management in enhancing cybersecurity within industrial sectors | Industrial Cyber
IT Vulnerabilities, Malware, Threats, and Risks
- SolarWinds Serv-U Vulnerability Under Active Attack - Patch Immediately | TheHackerNews
- URL shortener in a Microsoft Word file that leads to Remcos RAT | Forcepoint
- New Attack Technique Exploits Microsoft Management Console Files | TheHackerNews
- New Cyberthreat 'Boolka' Deploying BMANAGER Trojan via SQLi Attacks | TheHackerNews
- 92% of Organizations Hit by Credential Compromise from Social Engineering Attacks | Infosecurity Magazine
- 1 out of 3 breaches go undetected | HelpNetSecurity
- How generative AI Is expanding the insider threat attack surface | IBM Security Intelligence
Ransomware
- KnowBe4 Launches Ransomware Awareness Month With IT Resource Kit at No Cost | IT Security Guru
- 'P2PInfect' Worm Grows Teeth With Miner, Ransomware & Rootkit | DarkReading
- Qilin Ransomware: What You Need To Know | Tripwire
- Ransomware threat landscape Jan-Apr 2024: insights and challenges | Security Affairs
Cyber Resilience
- Zero Trust Maturity: How to Know When You’re Getting Close | Tripwire
- Multifactor Authentication Is Not Enough to Protect Cloud Data | DarkReading
- Protecting high-value information: Tips for small and medium organizations (ITSAP.40.001) | Canadian Centre for Cyber Security
- IoT Security Regulations: A Compliance Checklist – Part 1 | Tripwire
