Supplemental Cyber Highlights – July 30, 2024
Created: Tuesday, July 30, 2024 - 19:16
Categories: Cybersecurity, OT-ICS Security, Security Preparedness
The following posts are useful for general awareness of current cyber threats, vulnerabilities, guidance, and other cyber-related news or updates. These resources have been curated by the WaterISAC analyst team as items of broad relevance and benefit that do not need supplemental analysis at this time.
CrowdStrike
- Microsoft shifts focus to kernel-level security after CrowdStrike incident | CSO
- CrowdStrike Outage Themed Maldoc | SANS Technology Institute
- Some good may come out of the CrowdStrike outage | Help Net Security
Critical Infrastructure
- Columbus reports cyber incident as multiple cities recover from ransomware attacks | The Record
- Suspected ALPHV/BlackCat successor sets sights on South Carolina town police | SC Magazine
- Securing remote access to mission-critical OT assets | Help Net Security
IT Vulnerabilities & Security Updates
- Critical ServiceNow RCE flaws actively exploited to steal credentials | Bleeping Computer
- Progress fixes critical RCE flaw in Telerik Report Server, upgrade ASAP! (CVE-2024-6327) | Help Net Security
- PKfail Vulnerability Allows Secure Boot Bypass on Hundreds of Computer Models | SecurityWeek
- Acronis warns of Cyber Infrastructure default password abused in attacks | Bleeping Computer
- Google fixes Chrome Password Manager bug that hides credentials | Bleeping Computer
IT Malware, Threats & Risks
- Millions of Websites Susceptible XSS Attack via OAuth Implementation Flaw | SecurityWeek
- Crooks Bypassed Google’s Email Verification to Create Workspace Accounts, Access 3rd-Party Services | Krebs on Security
Ransomware/Extortion
- Microsoft Says Ransomware Gangs Exploiting Just-Patched VMware ESXi Flaw | SecurityWeek
- Basta Ransomware Operator Tactics Undergo ‘Notable Shift’ | Duo Security
- Walmart Discovers New PowerShell Backdoor Linked to Zloader Malware | Infosecurity Magazine
- SEXi / APT Inc Ransomware – What You Need To Know | Tripwire
- Re-Extortion: How Ransomware Gangs Re-Victimize Victims | Tripwire
Cyber Resilience, General Awareness & AI
- Why security awareness training needs to modernize | SC Magazine
- DNSSEC explained: Why you might want to implement it on your domain | CSO
- Three ways to mitigate AI-based supply chain attacks | SC Magazine
- Offensive AI: The Sine Qua Non of Cybersecurity | The Hacker News
- How to Write a Generative AI Cybersecurity Policy | Trendmicro