Supplemental Cyber Highlights – December 10, 2024

The following posts are useful for general awareness of current cyber threats, vulnerabilities, guidance, and other cyber-related news or updates. These resources have been curated by the WaterISAC analyst team as items of broad relevance and benefit that do not need supplemental analysis at this time.

Critical Infrastructure Resilience & OT Vulnerability Management

• Bipartisan senators push for investigation into Pentagon’s cybersecurity failures after Chinese telecom networks hack | Industrial Cyber
• November 2024’s Most Wanted Malware: Androxgh0st Leads the Pack, Targeting IoT Devices and Critical Infrastructure | Check Point
• Cisco Says Flaws in Industrial Routers, BGP Tool Remain Unpatched 8 Months After Disclosure | SecurityWeek
• Public and private sectors must partner to address generative AI’s interdependent energy and security requirements | Cyberscoop

IT Vulnerability Security Updates

• Microsoft NTLM Zero-Day to Remain Unpatched Until April | Dark Reading
• Critical OpenWrt Flaw Exposes Firmware Update Server to Exploitation | SecurityWeek
• SAP Patches Critical Vulnerability in NetWeaver | SecurityWeek
• MC LR Router and GoCast unpatched vulnerabilities | Cisco Talos

IT Malware, Threats & Risks

• Chinese hackers use Visual Studio Code tunnels for remote access | Bleeping Computer
• Ongoing Phishing and Malware Campaigns in December 2024 | The Hacker News

Ransomware

• Unmasking Termite, the Ransomware Gang Claiming the Blue Yonder Attack | Infosecurity Magazine
• Black Basta Ransomware Evolves with Email Bombing, QR Codes, and Social Engineering | The Hacker News

Cyber Resilience & General Awareness

• Microsoft 365 outage takes down Office web apps, admin center | Bleeping Computer  
• Microsoft Rolls Out Default NTLM Relay Attack Mitigations | SecurityWeek
• Strengthening security posture with comprehensive cybersecurity assessments | Help Net Security