Supplemental Cyber Highlights – August 29, 2024

The following posts are useful for general awareness of current cyber threats, vulnerabilities, guidance, and other cyber-related news or updates. These resources have been curated by the WaterISAC analyst team as items of broad relevance and benefit that do not need supplemental analysis at this time.

Critical Infrastructure Vulnerabilities & Threats

• Beckhoff TwinCAT/BSD Vulnerabilities Expose PLCs to Tampering, DoS Attacks | SecurityWeek
• Iranian Hackers Use New Tickler Malware for Intelligence Gathering on Critical Infrastructure | SecurityWeek
• Hitachi Energy Vulnerabilities Plague SCADA Power Systems | Dark Reading

IT Vulnerabilities & Security Updates

• Critical Fortra FileCatalyst Workflow vulnerability patched (CVE-2024-6633) | Help Net Security
• APT group exploits WPS Office for Windows RCE vulnerability (CVE-2024-7262) | Help Net Security
• Second Apache OFBiz Vulnerability Exploited in Attacks | SecurityWeek

IT Malware, Threats & Risks

• I Spy With My Little Eye: Uncovering an Iranian Counterintelligence Operation | Google Cloud
• Old methods, new technologies drive fraud losses| Help Net Security
• Malware infiltrates Pidgin messenger’s official plugin repository | Bleeping Computer
• Microsoft Sway abused in massive QR code phishing campaign | Bleeping Computer

Ransomware/Extortion

• BlackByte Ransomware Exploits VMware ESXi Flaw in Latest Attack Wave | The Hacker News
• Cisco: BlackByte ransomware gang only posting 20% to 30% of successful attacks | The Record  

Cyber Resilience & General Awareness

• ‘Store now, decrypt later’: US leaders prep for quantum cryptography concerns| The Record
• Third-party risk management is under the spotlight| Help Net Security
• Complete Guide to Protecting Seven Attack Vectors | Trend Micro