Supplemental Cyber Highlights – Aug 27, 2024

The following posts are useful for general awareness of current cyber threats, vulnerabilities, guidance, and other cyber-related news or updates. These resources have been curated by the WaterISAC analyst team as items of broad relevance and benefit that do not need supplemental analysis at this time.

Critical Infrastructure Vulnerabilities, Threats & Incidents

• Versa fixes Director zero-day vulnerability exploited in attacks | Bleeping Computer
• CISA seeks public feedback on information collection request to OMB for cybersecurity data review | Industrial Cyber
• The Importance of Governance, Risk, and Compliance with Practical Exposure in OT Security | Industrial Cyber

Ransomware

• Global Cyber Insurance Premiums Decline Despite Ransomware Surge | Tripwire

IT Vulnerabilities & Security Updates

• SonicWall Patches Critical SonicOS Vulnerability  | SecurityWeek
• Google Warns of CVE-2024-7965 Chrome Security Flaw Under Active Exploitation | The Hacker News

IT Malware, Threats & Risks

• Half of enterprises suffer breaches despite heavy security investments | Help Net Security
• From Cybercrime to Terrorism, FBI Director Says America Faces Many Elevated Threats ‘All at Once’ | SecurityWeek

Cyber Resilience & General Awareness

• A Third of Organizations Suffer SaaS Data Breaches | Infosecurity Magazine
• Microsoft to Host Windows Security Summit in CrowdStrike Outage Aftermath | Dark Reading
• Adversaries love bots, short-lived IP addresses, out-of-band domains | Help Net Security