(TLP:CLEAR) Supplemental Cyber Highlights – July 17, 2025
Created: Thursday, July 17, 2025 - 13:29
Categories: Cybersecurity, OT-ICS Security, Security Preparedness
The following posts are useful for general awareness of current cyber threats, vulnerabilities, guidance, and other cyber-related news or updates. These resources have been curated by the WaterISAC analyst team as items of broad relevance and benefit that do not need supplemental analysis at this time.
Critical Infrastructure Resilience
- OT cybersecurity reporting remains a structural weakness as threats outpace legacy governance models | Industrial Cyber
- GAO finds progress in cyber information sharing, warns of rising attacks on critical infrastructure | Industrial Cyber
- Chinese Hackers Target Taiwan’s Semiconductor Sector with Cobalt Strike, Custom Backdoors | The Hacker News
- Senate panel passes Intelligence Authorization Act that takes aim at telecom hacks | The Record
- What a mature OT security program looks like in practice | Help Net Security
- China’s Salt Typhoon Hacked US National Guard | SecurityWeek
- NIST issues first draft in OT Security Series, targets USB cyber risks in industrial systems | Industrial Cyber
IT Vulnerability Security Updates
- Cisco Warns of Critical ISE Flaw Allowing Unauthenticated Attackers to Execute Root Code | The Hacker News
- UNC6148 Backdoors Fully-Patched SonicWall SMA 100 Series Devices with OVERSTEP Rootkit | The Hacker News
- Asus and Adobe vulnerabilities | Cisco Talos
- Azure’s Front Door WAF WTF: IP Restriction Bypass | TrustedSec
- Critical Wing FTP Server Vulnerability Exploited | SecurityWeek
- Flaws in Gigabyte Firmware Allow Security Bypass, Backdoor Deployment | SecurityWeek
IT Malware, Threats & Risks
- Hackers Leverage Microsoft Teams to Spread Matanbuchus 3.0 Malware to Targeted Firms | The Hacker News
- Amazon warns 200 million Prime customers that scammers are after their login info | Malwarebytes
- DDoS Attacks Blocked by Cloudflare in 2025 Already Surpass 2024 Total | SecurityWeek
Ransomware
- Microsoft Exposes Scattered Spider’s Latest Tactics | Infosecurity Magazine
- Talos IR ransomware engagements and the significance of timeliness in incident response | Cisco Talos
- Police disrupt “Diskstation” ransomware gang attacking NAS devices | Bleeping Computer
Cyber Resilience, General Awareness, & AI
- Cloudflare says 1.1.1.1 outage not caused by attack or BGP hijack | Bleeping Computer
- Securing the Budget: Demonstrating Cybersecurity’s Return | Dark Reading
- How AI is changing the GRC strategy | CSO Online