The following posts are useful for general awareness of current cyber threats, vulnerabilities, guidance, and other cyber-related news or updates. These resources have been curated by the WaterISAC analyst team as items of broad relevance and benefit that do not need supplemental analysis at this time.
Critical Infrastructure
- Cisco Finds 15 Vulnerabilities in AutomationDirect PLCs | SecurityWeek
- Cyber incident forces Cleveland to shut down city hall | The Record
- Massachusetts town loses $445,000 in email scam | Statescoop
- Atlanta to tap AI to detect water main breaks | Statescoop
- The SANS ICS Five Critical Controls: A Practical Framework for OT Cybersecurity | Dragos
- Nozomi Networks Labs Announces Vulnerabilities Affecting the AiLux RTU62351B and the “Codename I11USION” Whitepaper | Nozomi Networks
IT Vulnerabilities & Security Updates
- Exploit for critical Veeam auth bypass available, patch now | Bleeping Computer
- Netgear WNR614 flaws allow device takeover, no fix available | Bleeping Computer
- Azure Service Tags Vulnerability: Microsoft Warns of Potential Abuse by Hackers | The Hacker News
IT Malware, Threats & Risks
- UNC5537 Targets Snowflake Customer Instances for Data Theft and Extortion | Google Cloud
- Top 10 Critical Pentest Findings 2024: What You Need to Know | The Hacker News
- New Phishing Campaign Uses Stealthy JPGs to Drop Agent Tesla | Hackread
- PHP fixes critical RCE flaw impacting all versions for Windows | Bleeping Computer
Cyber Resilience & General Awareness
