Supplemental Cyber Highlights – December 19, 2024

The following posts are useful for general awareness of current cyber threats, vulnerabilities, guidance, and other cyber-related news or updates. These resources have been curated by the WaterISAC analyst team as items of broad relevance and benefit that do not need supplemental analysis at this time.

Critical Infrastructure Resilience

• Researchers reveal OT-specific malware in use and in development | Help Net Security
• New Malware Can Kill Engineering Processes in ICS Environments | Infosecurity Magazine
• New Forescout research details persistent malware threats to OT/ICS engineering workstations | Industrial Cyber
• How to Create an Effective Merged IT/OT SOC | Industrial Cyber

IT Vulnerability Security Updates

• Patch Alert: Critical Apache Struts Flaw Found, Exploitation Attempts Detected | The Hacker News
• BeyondTrust fixes critical vulnerability in remote access, support solutions (CVE-2024-12356) | Help Net Security
• Fortinet Patches Critical FortiWLM Vulnerability | SecurityWeek
• Chrome 131 Update Patches High-Severity Memory Safety Bugs | SecurityWeek  

IT Malware, Threats & Risks

• Phishing Attacks Double in 2024 | Infosecurity Magazine  
• APT29 Hackers Target High-Value Victims Using Rogue RDP Servers and PyRDP | The Hacker News
• Midnight Blizzard Taps Phishing Emails, Rogue RDP Nets | Dark Reading
• Silent Heists: The Danger of Insider Threats | Tripwire  

Ransomware

• Ransomware in 2024: New players, bigger payouts, and smarter tactics | Help Net Security
• Clop is back to wreak havoc via vulnerable file-transfer software | Cyberscoop
• Dragos reports ransomware shifts in Q3, with hackers picking operational sabotage over financial extortion | Industrial Cyber

Cyber Resilience, General Awareness, & AI

• US considers banning TP-Link routers over cybersecurity risks | Bleeping Computer
• AI Regulation Gets Serious in 2025 – Is Your Organization Ready? | SecurityWeek