Supplemental Cyber Highlights – December 3, 2024
Created: Monday, December 2, 2024 - 16:31
Categories: Cybersecurity, Security Preparedness
The following posts are useful for general awareness of current cyber threats, vulnerabilities, guidance, and other cyber-related news or updates. These resources have been curated by the WaterISAC analyst team as items of broad relevance and benefit that do not need supplemental analysis at this time.
Critical Infrastructure Resilience
- T-Mobile Shares More Information on China-Linked Cyberattack | SecurityWeek
- Costa Rica state energy company calls in US experts to help with ransomware attack | The Record
IT Vulnerability Security Update
- Critical Vulnerability Found in Zabbix Network Monitoring Tool | SecurityWeek
- New Windows Server 2012 zero-day gets free, unofficial patches | Bleeping Computer
IT Malware, Threats & Risks
- Novel phishing campaign uses corrupted Word documents to evade security | Bleeping Computer
- New Rockstar 2FA phishing service targets Microsoft 365 accounts | Bleeping Computer
- Hackers exploit ProjectSend flaw to backdoor exposed servers | Bleeping Computer
Ransomware
- VPN vulnerabilities, weak credentials fuel ransomware attacks | Help Net Security
- Mimic Ransomware: What You Need To Know | Tripwire
Cyber Resilience, General Awareness, & AI
- $400M seized, 5,500 arrested in global operation targeting cyber fraud | Help Net Security
- 5 reasons to double down on network security | Help Net Security
- Security Threats Facing LLM Applications and 5 Ways to Mitigate Them | Tripwire