The following posts are useful for general awareness of current cyber threats, vulnerabilities, guidance, and other cyber-related news or updates. These resources have been curated by the WaterISAC analyst team as items of broad relevance and benefit that do not need supplemental analysis at this time.
Critical Infrastructure Resilience & OT/ICS Vulnerability Management
- Claroty’s Team82 discovers five vulnerabilities in MMS protocol, posing significant risks to industrial devices | Industrial Cyber
- CISA advisory committee approves four draft reports on critical infrastructure resilience | Cyberscoop
- Growing need to balance benefits, risks of integrating AI in OT cybersecurity in evolving threat landscape | Industrial Cyber
IT Vulnerability Security Updates
- Nation-State Attackers Exploiting Ivanti CSA Flaws for Network Infiltration | The Hacker News
- 87,000+ Fortinet devices still open to attack, are yours among them? (CVE-2024-23113) | Help Net Security
- WordPress Jetpack plugin critical flaw impacts 27 million sites | Security Affairs
- Juniper Networks Patches Dozens of Vulnerabilities | SecurityWeek
IT Malware, Threats & Risks
- Analyzing the Latest APWG Phishing Activity Trends Report: Key Findings and Insights | Tripwire
- Even Orgs With SSO Are Vulnerable to Identity-Based Attacks | Dark Reading
- GitHub, Telegram Bots, and ASCII QR Codes Abused in New Wave of Phishing Attacks | The Hacker News
Ransomware
- Ransomware operators exploited Veeam Backup & Replication flaw CVE-2024-40711 in recent attacks | Security Affairs
- Akira and Fog ransomware now exploit critical Veeam RCE flaw | Bleeping Computer
- Lynx Ransomware: A Rebranding of INC Ransomware | Unit 42
Cyber Resilience & General Awareness
- How nation-states exploit political instability to launch cyber operations | Help Net Security
- What NIST’s latest password standards mean, and why the old ones weren’t working | Cisco Talos
- The Rise of Zero-Day Vulnerabilities: Why Traditional Security Solutions Fall Short | The Hacker News
- What is Behavioral Analysis in Cybersecurity? | Huntress
