Supplemental Cyber Highlights – April 9, 2024
Created: Tuesday, April 9, 2024 - 18:02
Categories: Cybersecurity, OT-ICS Security, Security Preparedness
The following posts are useful for general awareness of current cyber threats, vulnerabilities, guidance, and other cyber-related news or updates. These resources have been curated by the WaterISAC analyst team as items of broad relevance and benefit that do not need supplemental analysis at this time.
Critical Infrastructure
- Attempted hack on NYC continues wave of cyberattacks against municipal governments | The Record
- Round 2: Change Healthcare Targeted in Second Ransomware Attack | Dark Reading
- How can the energy sector bolster its resilience to ransomware attacks? | Help Net Security
- Industrial sectors embrace zero trust for enhanced security | Help Net Security
- US Chamber of Commerce, industry groups call for 30-day delay in CIRCIA rules | The Record
IT Vulnerabilities
- Thousands of Ivanti VPN Appliances Impacted by Recent Vulnerability | SecurityWeek
- Cisco warns of XSS flaw in end-of-life small business routers | Security Affairs
- 92,000+ internet-facing D-Link NAS devices accessible via “backdoor” account (CVE-2024-3273) | Help Net Security
IT Malware, Threats & Risks
- It Was Not Me! Malware-Initiated Vulnerability Scanning Is on the Rise | Unit 42
- Attackers Find Your Session Cookies Irresistible | Checkpoint
- Attackers Using Obfuscation Tools to Deliver Multi-Stage Malware via Invoice Phishing | The Hacker News
- Confidential VMs Hacked via New Ahoi Attacks | SecurityWeek
- Web Shells: Types, Mitigation & Removal | Sucuri
Cyber Resilience & General Awareness
- CL0P’s Ransomware Rampage – Security Measures for 2024 | The Hacker News
- The Fight for Cybersecurity Awareness | Dark Reading
- Strategies for secure identity management in hybrid environments | Help Net Security