Supplemental Cyber Highlights – December 5, 2023

The following posts are useful for general awareness of current threats, vulnerabilities, guidance, and other cyber-related news or updates. These resources have been curated by the WaterISAC analyst team as items of broad relevance and benefit that do not need supplemental analysis at this time.

Critical Infrastructure

• Bridging the IT-OT Cybersecurity Gap: Strengthening OT Cybersecurity with Advanced SOC Capabilities (Dragos)
• Disruptive new wave of ransomware hits critical infrastructure (Axios)
• Siemens PLCs Still Vulnerable to Stuxnet-like Cyberattacks (Dark Reading)
• Zero Trust Network Access (ZTNA) – Revolutionizing remote access security across OT environments (Industrial Cyber)

IT Vulnerabilities & Threats

• Over 20,000 vulnerable Microsoft Exchange servers exposed to attacks (Bleeping Computer)
• Check Point Research Report: Iranian Hacktivist Proxies Escalate Activities Beyond Israel (Check Point)

Ransomware

• Ransomware Attacks Using RDP as the Attack Vector – Detected by EDR (ASEC)

Cyber Resilience

• 2024 cybersecurity outlook: The rise of AI voice chatbots and prompt engineering innovations (Help Net Security)
• Cyber Threats to Watch Out for in 2024 (Dark Reading)