Supplemental Cyber Highlights – February 22, 2024

The following posts are useful for general awareness of current cyber threats, vulnerabilities, guidance, and other cyber-related news or updates. These resources have been curated by the WaterISAC analyst team as items of broad relevance and benefit that do not need supplemental analysis at this time.

Critical Infrastructure

• China’s Volt Typhoon Hackers Are Exfiltrating Sensitive OT Data | SecurityWeek
• Biden executive order gives Coast Guard added authority over maritime cyber threats | Cyberscoop
• FACT SHEET: Biden-⁠Harris Administration Announces Initiative to Bolster Cybersecurity of U.S. Ports | The White House
• Control Systems Firm PSI Struggles to Recover From Ransomware Attack | SecurityWeek

IT Vulnerabilities

• ConnectWise Rushes to Patch Critical Vulns in Remote Access Tool | SecurityWeek
• Researchers warn high-risk ConnectWise flaw under attack is ’embarrassingly easy’ to exploit | TechCrunch
• Microsoft Exchange flaw CVE-2024-21410 could impact up to 97,000 servers | Security Affairs
• VMware urges admins to remove deprecated, vulnerable auth plug-in | Bleeping Computer
• Joomla XSS Bugs Open Millions of Websites to RCE | Dark Reading

IT Malware, Threats & Risks

• Attacker Breakout Time Falls to Just One Hour | Infosecurity Magazine
• The old social engineering playbook – Now with AI! | Zscaler

Ransomware

• LockBit Takedown: What You Need to Know about Operation Cronos | Infosecurity Magazine
• More details about Operation Cronos that disrupted Lockbit operation | Security Affairs
• Ransomware Groups, Targeting Preferences, and the Access Economy | Bleeping Computer
• Knight ransomware source code for sale after leak site shuts down | Bleeping Computer

General Awareness & Resilience

• Cyber Insurance Needs to Evolve to Ensure Greater Benefit | Dark Reading
• Cyber Insights 2024: Supply Chain | SecurityWeek
• Private Branch Exchange (PBX) best practice | National Cyber Security Centre