Supplemental Cyber Highlights – January 16, 2025

The following posts are useful for general awareness of current cyber threats, vulnerabilities, guidance, and other cyber-related news or updates. These resources have been curated by the WaterISAC analyst team as items of broad relevance and benefit that do not need supplemental analysis at this time.

Critical Infrastructure Resilience

• ICS Patch Tuesday: Security Advisories Published by Schneider, Siemens, Phoenix Contact, CISA | SecurityWeek
• Executive Order on Strengthening and Promoting Innovation in the Nation’s Cybersecurity | The White House
• CISA’s Easterly outlines plan against PRC cyber threats, pushes tech vendors to adopt secure-by-design products | Industrial Cyber  

IT Vulnerability Security Updates

• January Windows updates may fail if Citrix SRA is installed | Bleeping Computer
• Patch Tuesday – January 2025 | Rapid7
• SAP fixes critical vulnerabilities in NetWeaver application servers | Bleeping Computer  
• New UEFI Secure Boot bypass vulnerability discovered (CVE-2024-7344) | Help Net Security
• Configuration files for 15,000 Fortinet firewalls leaked. Are yours among them? | Help Net Security

IT Malware, Threats & Risks

• MikroTik botnet uses misconfigured SPF DNS records to spread malware | Bleeping Computer
• Hackers Hide Malware in Images to Deploy VIP Keylogger and 0bj3ctivity Stealer | The Hacker News
• Hackers use FastHTTP in new high-speed Microsoft 365 password attacks | Bleeping Computer  

Ransomware

• FunkSec: The Rising Yet Controversial Ransomware Threat Actor Dominating December 2024 | Check Point
• Python-Based Malware Powers RansomHub Ransomware to Exploit Network Flaws | The Hacker News

Cyber Resilience, General Awareness, & AI

• Chinese PlugX Malware Deleted in Global Law Enforcement Operation | Infosecurity Magazine
• KnowBe4 Research Confirms Effective Security Awareness Training Significantly Reduces Data Breaches | IT Security Guru
• Malicious actors’ GenAI use has yet to match the hype | Help Net Security