Supplemental Cyber Highlights – July 11, 2024

The following posts are useful for general awareness of current cyber threats, vulnerabilities, guidance, and other cyber-related news or updates. These resources have been curated by the WaterISAC analyst team as items of broad relevance and benefit that do not need supplemental analysis at this time.

Critical Infrastructure

• State, local governments facing deluge of phishing attacks | SC Magazine
• CISA Takedown of Ivanti Systems Is a Wake-up Call | Dark Reading  
• Bipartisan Senate bill takes aim at ‘overly burdensome’ cybersecurity regs | Cyberscoop
• Beijing accused of misusing Western research to claim Volt Typhoon is a ransomware group | The Record  
• City of Philadelphia says over 35,000 hit in May 2023 breach | Bleeping Computer

IT Vulnerabilities & Security Updates

• Palo Alto Networks Addresses BlastRADIUS Vulnerability, Fixes Critical Bug in Expedition Tool | SecurityWeek
• VMware Patches Critical SQL-Injection Flaw in Aria Automation | SecurityWeek
• Citrix Patches Critical NetScaler Console Vulnerability | SecurityWeek
• Microsoft Outlook Faced Critical Zero-Click RCE Vulnerability | Infosecurity Magazine
• Zero-day patched by Microsoft has been exploited by attackers for over a year (CVE-2024-38112) | Help Net Security
• CPR Warns Threat Actors are Leveraging Internet Explorer in New Zero-Day Spoofing Attack (CVE-2024-38112) | Checkpoint
• PHP Vulnerability Exploited to Spread Malware and Launch DDoS Attacks | The Hacker News
• New OpenSSH Vulnerability Discovered: Potential Remote Code Execution Risk | The Hacker News

IT Malware, Threats, and Risks

• When spear phishing met mass phishing | Securelist
• Impact of data breaches is fueling scam campaigns | Cisco Talos
• ViperSoftX malware covertly runs PowerShell using AutoIT scripting | Bleeping Computer
• DarkGate: Dancing the Samba With Alluring Excel Files | Unit42
• Hidden between the tags: Insights into spammers’ evasion techniques in HTML Smuggling | Cisco Talos  

Ransomware/Extortion

• New Ransomware Group Exploiting Veeam Backup Software Vulnerability | The Hacker News
• Evolving ransomware attack techniques examined | SC Magazine
• Smash-and-Grab Extortion | The Hacker News

Cyber Resilience & General Awareness

• Input Validation for Web Forms & Website Security | Sucuri  
• Revolutionizing Surveillance: Cameras with AI-Powered Object Detection | Cisco
• The Top 10 AI Security Risks Every Business Should Know | Trendmicro