The following posts are useful for general awareness of current threats, vulnerabilities, guidance, and other cyber-related news or updates. These resources have been curated by the WaterISAC analyst team as items of broad relevance and benefit that do not need supplemental analysis at this time.
Critical Infrastructure Resilience
- Harnessing power of CIE, CCE methodologies to build resilience across critical infrastructure sectors (Industrial Cyber)
- CISA working on updated National Cyber Incident Response Plan (The Record)
- ENISA Threat Landscape 2023 report points to surge in ransomware, rise in supply chain attacks, persistent DDoS threats (Industrial Cyber)
- Navigating OT/IT convergence and securing ICS environments (HelpNetSecurity)
ICS/OT/SCADA Vulnerabilities & Threats
IT Vulnerabilities, Malware & Threats
- Cisco Finds Second Zero-Day as Number of Hacked Devices Apparently Drops (Security Week)
- Critical SolarWinds RCE Bugs Enable Unauthorized Network Takeover (DarkReading)
- Another InfoStealer Enters the Field, ExelaStealer (Fortinet)
- Battling a new DarkGate malware campaign with Malwarebytes MDR (Malwarebytes)
Ransomware
- Ransomware attacks are getting faster: How to adjust incident response plans accordingly (SC Media)
- GuidePoint latest data reveals alarming trends across industries, as ransomware activities surge (Industrial Cyber)
- Authorities Shut Down RagnarLocker Ransomware Infrastructure (Security Week)
General Awareness
- 9 Innovative Ways to Boost Security Hygiene for Cyber Awareness Month (DarkReading)
- Social Engineering Attacks - How to Recognize and Resist The Bait (SentinelOne)
- How passkeys are changing the face of authentication (HelpNetSecurity)
Technical Posts (for security analysts, sysadmins, and other nerds)
