Supplemental Cyber Highlights – July 27, 2023

The following posts are useful for general awareness of current threats, vulnerabilities, guidance, and other cyber-related news or updates. These resources have been curated by the WaterISAC analyst team as items of broad relevance and benefit that do not need supplemental analysis at this time.

ICS/OT/SCADA

• Recommendations to Implement Secure Remote Access (SRA) Today (Dragos)
• Axis Door Controller Vulnerability Exposes Facilities to Physical, Cyber Threats (SecurityWeek)
• Update: ETSI Dismisses Claims of ‘Backdoor’ Vulnerabilities in TETRA Standard (Dark Reading)
• Bulk Power System Risks Span Complexity, Vulnerabilities, Advanced Actors (Claroty – Nexus)
• Repeatable VEC Attacks Target Critical Infrastructure (Infosecurity Magazine)
• For OT security analysts, operators, and engineers: OPC UA Deep Dive Series (Part 5): Inside Team82’s Research Methodology (Claroty’s Team82)

Security Awareness

• Spotlight on shadow IT (UK National Cyber Security Centre)
• KnowBe4 Phishing Test Results Reveal Half of Top Malicious Email Subjects Are HR Related (Dark Reading)

Threats

• Understanding the Evolution of Modern Business Email Compromise Attacks (SentinelOne)
• The Alarming Rise of Infostealers: How to Detect this Silent Threat (The Hacker News)
• Another good one for security analysts: Deconstructing PowerShell Obfuscation in Malspam Campaigns (SentinelOne)

Ransomware Awareness

• Akira ransomware compromised at least 63 victims since March, report says (The Record)

Cyber Resilience

• Key questions to ask when evaluating a network-security vendor (SC Magazine)
• How To Obtain the Right Cybersecurity Insurance for Your Business (Tenable)