The following posts are useful for general awareness of current cyber threats, vulnerabilities, guidance, and other cyber-related news or updates. These resources have been curated by the WaterISAC analyst team as items of broad relevance and benefit that do not need supplemental analysis at this time.
Critical Infrastructure Resilience
- Moody’s Rating adds telecoms, airlines, utilities to highest risk category | Cyberscoop
- WEF-University of Oxford cyber resilience white paper extends protection from IT to OT and ICS environments | Industrial Cyber
IT Vulnerability Security Update
- ICS Patch Tuesday: Security Advisories Released by CISA, Schneider, Siemens, Rockwell | SecurityWeek
- Ivanti Patches 50 Vulnerabilities Across Several Products | SecurityWeek
- Citrix Issues Patches for Zero-Day Recording Manager Bugs | Dark Reading
- Citrix, Fortinet Patch High-Severity Vulnerabilities | SecurityWeek
- How a Windows zero-day was exploited in the wild for months (CVE-2024-43451) | Help Net Security
- Zoom addressed two high-severity issues in its platform | Security Affairs
IT Malware, Threats & Risks
- KnowBe4 Releases 2024 Holiday Kit to Boost Cyber Resilience | IT Security Guru
- Microsoft Power Pages Leak Millions of Private Records | Dark Reading
Ransomware
- Free Decryptor Released for BitLocker-Based ShrinkLocker Ransomware Victims | The Hacker News
- New ShrinkLocker ransomware decryptor recovers BitLocker password | Bleeping Computer
Cyber Resilience, General Awareness & AI
- Here’s how misconfigurations in Microsoft Power Pages could lead to data breaches | Cyberscoop
- The Rising Cost of Cybersecurity: How Companies Can Effectively Communicate the Value of Protection | Tripwire
- Empowering Employees in the Age of AI: Strengthening Cyber Security through Training and Awareness | Checkpoint
- AI Threat to Escalate in 2025, Google Cloud Warns | Infosecurity Magazine
