Supplemental Cyber Highlights – December 12, 2023
Created: Tuesday, December 12, 2023 - 17:52
Categories: Cybersecurity
The following posts are useful for general awareness of current threats, vulnerabilities, guidance, and other cyber-related news or updates. These resources have been curated by the WaterISAC analyst team as items of broad relevance and benefit that do not need supplemental analysis at this time.
Critical Infrastructure
- Ransomware Attacks on Industrial Orgs Increasingly Impact OT Systems: Survey (Security Week)
- Flaws in Delta OT Monitoring Product Can Allow Hackers to Hide Destructive Activities (Security Week)
- ICS Patch Tuesday: Electromagnetic Fault Injection, Critical Redis Vulnerability (Security Week)
IT Vulnerabilities & Threats
- Cybercriminals continue targeting open remote access products (Help Net Security)
- Over 30% of Log4J apps use a vulnerable version of the library (Bleeping Computer)
- North Korean hacking ops continue to exploit Log4Shell (Cyberscoop)
- Microsoft: Mystery Group Targeting Telcos Linked to Chinese APTs (Dark Reading)
Ransomware
- Ransomware tracker: The latest figures [December 2023] (The Record)
- ALPHV/BlackCat Site Downed After Suspected Police Action (Infosecurity Magazine)