Supplemental Cyber Highlights – February 13, 2024
Created: Tuesday, February 13, 2024 - 18:12
Categories: Cybersecurity, OT-ICS Security, Security Preparedness
The following posts are useful for general awareness of current cyber threats, vulnerabilities, guidance, and other cyber-related news or updates. These resources have been curated by the WaterISAC analyst team as items of broad relevance and benefit that do not need supplemental analysis at this time.
Critical Infrastructure
- ICS Patch Tuesday: Siemens Addresses 270 Vulnerabilities | SecurityWeek
- Nozomi research reveals growing threats to critical infrastructure from OT and IoT network anomalies | Industrial Cyber
- Bank of America warns customers of data breach after vendor hack | BleepingComputer
- Verizon Breach – Malicious Insider or Innocuous Click? | IT Security Guru
IT Vulnerabilities/Security Updates
- Attackers injected novel DSLog backdoor into 670 vulnerable Ivanti devices (CVE-2024-21893) | HelpNetSecurity
- Juniper Support Portal Exposed Customer Device Info | Krebs on Security
- Critical Fortinet FortiOS CVE-2024-21762 Exploited | Rapid7
IT Malware/Threats/Risks
- From Cracked to Hacked: Malware Spread via YouTube Videos | Cybereason
- Protecting against AI-enhanced email threats | HelpNetSecurity
- Hunter-Killer Malware Tactic Growing: Stealthy, Persistent and Aggressive | SecurityWeek
- Bumblebee Buzzes Back in Black | Proofpoint
- Tooth be told: Toothbrush DDoS attack claim was lost in translation, claims Fortinet | Graham Cluley
- 4 Ways Hackers use Social Engineering to Bypass MFA | TheHackerNews
- Maldocs of Word and Excel: Vigor of the Ages | CheckPoint
- Fake LastPass password manager spotted on Apple’s App Store | BleepingComputer
Ransomware
- Patterns and Targets for Ransomware Exploitation of Vulnerabilities: 2017–2023 | Recorded Future
- Ransomware review: February 2024 | Malwarebytes Labs
General Resilience, Awareness & Reports
- Why Demand for Tabletop Exercises Is Growing | DarkReading
- US Dismantles Warzone RAT Malware Operation | Infosecurity Magazine
- 2024 Annual State of Email Security Report: What to Expect | Cofense
- 5 Key Findings from the Business Email Compromise (BEC) Trends Report | Tripwire