Supplemental Cyber Highlights – February 20, 2024
Created: Tuesday, February 20, 2024 - 19:51
Categories: Cybersecurity, OT-ICS Security, Security Preparedness
The following posts are useful for general awareness of current cyber threats, vulnerabilities, guidance, and other cyber-related news or updates. These resources have been curated by the WaterISAC analyst team as items of broad relevance and benefit that do not need supplemental analysis at this time.
Critical Infrastructure
- Cactus ransomware gang claims the theft of 1.5TB of data from Energy management and industrial automation firm Schneider Electric | Security Affairs
- Pennsylvania county pays $350,000 cyberattack ransom | The Record
- Massive utility scam campaign spreads via online ads | Malwarebytes Labs
- US House Committee holds hearing on protecting communications networks from foreign threats | Industrial Cyber
- North Korean hackers linked to defense sector supply-chain attack | Bleeping Computer
IT Vulnerabilities
- Over 28,500 Exchange servers vulnerable to actively exploited bug | Bleeping Computer
- Critical ConnectWise ScreenConnect vulnerabilities fixed, patch ASAP! | Help Net Security
- CISA: Cisco ASA/FTD bug CVE-2020-3259 exploited in ransomware attacks | Security Affairs
- RCE vulnerabilities fixed in SolarWinds enterprise solutions | Help Net Security
- Over 13,000 Ivanti gateways vulnerable to actively exploited bugs | Bleeping Computer
IT Malware, Threats & Risks
- Malvertising: This cyberthreat isn’t on the dark web, it’s on Google | Malwarebytes Labs
- Clean links and sophisticated scams mark new era in email attacks | Help Net Security
- New Qbot malware variant uses fake Adobe installer popup for evasion | Bleeping Computer
- USPS scam smishing campaigns could move to cloud with SNS Sender | SC Media
General Awareness & Resilience
- Remote Access Trojan (RAT): Types, Mitigation & Removal | Sucuri
- How to Defend Against the 10 Most Dangerous Privileged Attack Vectors | Heimdal
- How to Perform User Access Reviews: Template, Process, Checklist | Heimdal
- FBI Dismantles Ubiquiti Router Botnet Controlled by Russian Cyberspies | Security Week