Supplemental Cyber Highlights – June 22, 2023

The following posts are useful for general awareness of current threats, vulnerabilities, guidance, and other cyber-related news or updates. These resources have been curated by the WaterISAC analyst team as items of broad relevance and benefit that do not need supplemental analysis at this time.

• Bipartisan Bill Proposes Cybersecurity Funds for Rural Water Systems – Security Week
• Researchers Flag Account Takeover Flaw in Microsoft Azure AD OAuth Apps – Security Week
• PoC Exploit Published for Cisco AnyConnect Secure Vulnerability – Security Week
• VMware warns of critical vRealize flaw exploited in attacks – Bleeping Computer
• Apple Patches Exploited Vulnerabilities in iOS/iPadOS, macOS, watchOS and Safari – SANS Internet Storm Center
• Enphase Ignores CISA Request to Fix Remotely Exploitable Flaws – Security Week
• Final OT:ICEFALL vulnerability disclosed affecting Schneider tool – The Record
• Chrome and Its Vulnerabilities – Is the Web Browser Safe to Use? – Security Week
• Kremlin-backed hacking group puts fresh emphasis on stealing credentials – The Record
• Keep Job Scams From Hurting Your Organization – Dark Reading