The following posts are useful for general awareness of current cyber threats, vulnerabilities, guidance, and other cyber-related news or updates. These resources have been curated by the WaterISAC analyst team as items of broad relevance and benefit that do not need supplemental analysis at this time.
Critical Infrastructure Resilience & OT Vulnerability Management
- Critical vulnerabilities found in Mongoose Web Server Library, updating to v7.15 remediates issues | Industrial Cyber
- 300 Drinking Water Systems in US Exposed to Disruptive, Damaging Hacker Attacks | SecurityWeek
- Library of Congress Says an Adversary Hacked Some Emails | SecurityWeek
- Bridging the gap by integrating zero trust strategies in IT and OT environments for enhanced cybersecurity | Industrial Cyber
IT Vulnerability Security Update
- Fortinet VPN Zero-Day Exploited in Malware Attacks Remains Unpatched: Report | SecurityWeek
- Security plugin flaw in millions of WordPress sites gives admin access | Bleeping Computer
IT Malware, Threats & Risks
- Phishing emails increasingly use SVG attachments to evade detection | Bleeping Computer
- Botnet exploits GeoVision zero-day to install Mirai malware | Bleeping Computer
Cyber Resilience & General Awareness
- Bipartisan effort to clean up cyber regulations gets a boost in House, but calendar is tight | The Record
- How and where to report cybercrime: What you need to know | Help Net Security
- The Stealthy Success of Passkeys | IT Security Guru
- The Problem of Permissions and Non-Human Identities - Why Remediating Credentials Takes Longer Than You Think | The Hacker News
