Supplemental Cyber Highlights – August 8, 2023

The following posts are useful for general awareness of current threats, vulnerabilities, guidance, and other cyber-related news or updates. These resources have been curated by the WaterISAC analyst team as items of broad relevance and benefit that do not need supplemental analysis at this time.

ICS/OT/SCADA Vulnerabilities

• ICS Patch Tuesday: Siemens Fixes 7 Vulnerabilities in Ruggedcom Products (Security Week)
• Siemens has 23 Security Advisories on its own site today: Siemens Security Advisories (Siemens)
• Protecting the Phoenix: Unveiling Critical Vulnerabilities in Phoenix Contact HMI – Part 1 (Nozomi Networks)
• Dozens of RCE Vulnerabilities Impact Milesight Industrial Router (Security Week)

Critical Infrastructure Resilience

• Nexus Podcast: Jennifer Lyn Walker on Cybersecurity Risks in the Water Sector (Claroty)
• DHS more than doubles SLCGP funding to about US$375 million, in bid to boost state and local cybersecurity (Industrial Cyber)
• Break IT/OT Silos by Expanding SOC Responsibilities (Trend Micro)

IT Vulnerabilities & Threats

• Another PaperCut: CVE-2023-39143 Remote Code Execution (Huntress)
• Hackers can abuse Microsoft Office executables to download malware (Bleeping Computer)

Technical Posts (for security analysts, sysadmins, and other nerds)

• New Microsoft Azure AD CTS feature can be abused for lateral movement (Bleeping Computer)
• Databases beware: Abusing Microsoft SQL Server with SQLRecon (IBM Security Intelligence)

Ransomware Awareness

• Ransomware Roundup – DoDo and Proton (Fortinet)
• Don’t know about rampant, but: Akamai Research: Rampant Abuse of Zero-Day and One-Day Vulnerabilities Leads to 143% Increase in Victims of Ransomware (Akamai)
• How to manage a mass password reset due to a ransomware attack (Bleeping Computer)

Reports and General Awareness

• How to Create an Effective GRC Program: 3 Phases (Dark Reading)
• Key Findings from the 1H 2023 FortiGuard Labs Threat Report (Fortinet)