Supplemental Cyber Highlights – January 23, 2024

The following posts are useful for general awareness of current cyber threats, vulnerabilities, guidance, and other cyber-related news or updates. These resources have been curated by the WaterISAC analyst team as items of broad relevance and benefit that do not need supplemental analysis at this time.

Critical Infrastructure

• Addressing complexities of zero trust implementation in OT/ICS environments to bolster cybersecurity (Industrial Cyber)
• CISA’s 2023 Year in Review highlights efforts to safeguard critical infrastructure, manage cyber and physical risks (Industrial Cyber)

IT Vulnerabilities/Security Updates

• Protecting Your Network Security from Ivanti Zero-Day Threat (TrendMicro)
• High-Severity Vulnerability Patched in Splunk Enterprise (Security Week)
• ~40,000 Attacks in 3 Days: Critical Confluence RCE Under Active Exploitation (The Hacker News)

IT Malware/Threats/Risks

• Data of 15 million Trello users scraped and offered for sale (HelpNetSecurity)
• Invoice Phishing Alert: TA866 Deploys WasabiSeed & Screenshotter Malware (The Hacker News)
• iPhone, Android Ambient Light Sensors Allow Stealthy Spying (Dark Reading)
• Conditional QR Code Routing Attacks (Checkpoint)

Ransomware

• Kasseika Ransomware Deploys BYOVD Attacks, Abuses PsExec and Exploits Martini Driver (TrendMicro)
• Threat Assessment: BianLian (Unit 42)

Cyber Resilience

• Why cyberattacks mustn’t be kept secret (HelpNetSecurity)
• Best practices to implement self-doxxing in organizations (AT&T)
• Top Unexpected Ways to Utilise a Password Manager for Enhanced Security and Organisation (IT Security Guru)
• Resolving Top Security Misconfigurations: What you need to know (Tripwire)