Supplemental Cyber Highlights – July 23, 2024

The following posts are useful for general awareness of current cyber threats, vulnerabilities, guidance, and other cyber-related news or updates. These resources have been curated by the WaterISAC analyst team as items of broad relevance and benefit that do not need supplemental analysis at this time.

Critical Infrastructure

• Simple ‘FrostyGoop’ malware responsible for turning off Ukrainians’ heat in January attack | CyberScoop
• California Officials Say Largest Trial Court in US Victim of Ransomware Attack | SecurityWeek
• Safety Equipment Giant Cadre Holdings Hit by Cyberattack | SecurityWeek

IT Vulnerabilities

• Critical Splunk flaw can be exploited to grab passwords (CVE-2024-36991) | HelpNetSecurity

IT Malware, Threats & Risks

• SocGholish malware used to spread AsyncRAT malware | Security Affairs
• PINEAPPLE and FLUXROOT Hacker Groups Abuse Google Cloud for Credential Phishing | TheHackerNews
• The Evolving Panchan Botnet | Nozomi Networks
• MitM Attacks: Understanding the Risks and Prevention Strategies | Tripwire
• Alert: HotPage Adware Disguised as Ad Blocker Installs Malicious Kernel Driver | TheHackerNews
• Revolver Rabbit gang registers 500,000 domains for malware campaigns | BleepingComputer

Ransomware/Extortion

• From RA Group to RA World: Evolution of a Ransomware Group | Unit42
• Play Ransomware Group’s New Linux Variant Targets ESXi, Shows Ties With Prolific Puma | Trend Micro

Cyber Resilience & General Awareness

• How to Securely Onboard New Employees Without Sharing Temporary Passwords | TheHackerNews
• 4 “Low-Priority” Online Threats That Can Inflict Serious Brand Damage | AT&T Cybersecurity
• Three ways to thwart non-human identity attacks | SC Magazine