Supplemental Cyber Highlights – August 24, 2023
Created: Thursday, August 24, 2023 - 17:48
Categories: Cybersecurity, OT-ICS Security, Security Preparedness
The following posts are useful for general awareness of current threats, vulnerabilities, guidance, and other cyber-related news or updates. These resources have been curated by the WaterISAC analyst team as items of broad relevance and benefit that do not need supplemental analysis at this time.
Critical Infrastructure (Vulnerabilities & Threats to ICS/OT/SCADA)
- Rockwell ThinManager Vulnerabilities Could Expose Industrial HMIs to Attacks (Security Week)
- Proofpoint Research: 77% of Canadian Energy Companies are Exposing Themselves to Email Fraud (Proofpoint)
- The Physical Impact of Cyberattacks on Cities (Dark Reading)
ICS/OT Cyber Resilience
- OT Cybersecurity Best Practices for SMBs: How to Implement Change Management (Dragos)
- Conducting Gap Assessments to Secure Control Environments’ Cloud-based Solutions (Claroty Nexus)
IT Vulnerabilities
- Seriously, patch ‘em if ya got ‘em: Ivanti Sentry critical vulnerability—don’t play dice, patch (Malwarebytes)
- Adobe Patches Critical Deserialization Vulnerability, but Exploits Persist (Dark Reading)
- First Weekly Chrome Security Update Patches High-Severity Vulnerabilities (Security Week)
Ransomware
- Akira ransomware gang spotted targeting Cisco VPN products to hack organizations (Security Affairs)
- Cybersecurity Companies Report Surge in Ransomware Attacks (Security Week)
- Ransomware Reaches New Heights (Dark Reading)
- Ransomware actors log on when you log off. Here’s how to stop them. (Sophos)
IT Malware & Threats
- DarkGate reloaded via malvertising and SEO poisoning campaigns (Malwarebytes)
- New “Whiffy Recon” Malware Triangulates Infected Device Location via Wi-Fi Every Minute (The Hacker News)
- Lazarus Group’s infrastructure reuse leads to discovery of new malware (Cisco Talos)
- Open redirect flaws increasingly exploited by phishers (HelpNetSecurity)
Cyber Resilience
- Best Practices to Reduce Your Attack Surface (Huntress)
- Remote access detection in 2023: Unmasking invisible fraud (IBM Security Intelligence)
- Two new MITRE programs central to strengthening cyber defense work on building global cyber capacity (Industrial Cyber)
General Awareness & Reports
- This is just sad; cyber crime is also a public health threat: Surge in identity crime victims reporting suicidal thoughts (HelpNetSecurity)
- Surge in Cybercrime: Check Point 2023 Mid-Year Security Report Reveals 48 Ransomware Groups Have Breached Over 2,200 Victims (Check Point)
- Time keeps on slippin’ slippin’ slippin’: The 2023 Active Adversary Report for Tech Leaders (Sophos)
- Suggest sharing with users: The Hidden Dangers of Public Wi-Fi (The Hacker News)
Technical Posts (for security analysts, sysadmins, and other nerds)
- More Exotic Excel Files Dropping AgentTesla (SANS Internet Storm Center)
- Demystifying DLL Hijacking Understanding the Intricate World of Dynamic Link Library Attacks (Binary Defense)
- From Conti to Akira | Decoding the Latest Linux & ESXi Ransomware Families (SentinelOne)