The following posts are useful for general awareness of current threats, vulnerabilities, guidance, and other cyber-related news or updates. These resources have been curated by the WaterISAC analyst team as items of broad relevance and benefit that do not need supplemental analysis at this time.
Incidents
Vulnerabilities
- CVE-2023-33299: Critical Remote Code Execution Vulnerability in FortiNAC – Tenable
- Multiple Vulnerabilities in Google Chrome Could Allow for Arbitrary Code Execution – Center for Internet Security (CIS)
Threats
- Malvertising: A stealthy precursor to infostealers and ransomware attacks – Malwarebytes
- Malicious Actors Utilizing QR Codes to Deploy Phishing Pages to Mobile Devices – Cofense
Cyber Resilience
- Priorities in Preparing for a Ransomware Attack: People, Processes, and Technology – Fortinet
- 3 Steps to Successfully & Ethically Navigate a Data Breach – DarkReading
- New techniques added to the NCSC’s ‘risk management toolbox’ – NCSC
- Five ways to get the board to think more seriously about OT security – SC Magazine
