Supplemental Cyber Highlights – June 6, 2024

The following posts are useful for general awareness of current cyber threats, vulnerabilities, guidance, and other cyber-related news or updates. These resources have been curated by the WaterISAC analyst team as items of broad relevance and benefit that do not need supplemental analysis at this time.

Critical Infrastructure

• CISA advisors urge changes to JCDC’s goals, operations, membership criteria | The Record
• Panel advises CISA on how to improve industry-government collaboration project | Cyberscoop

IT Vulnerabilities & Security Updates

• Vulnerability in Cisco Webex cloud service exposed government authorities, companies | Help Net Security
• Vulnerabilities Patched in Kiuwan Code Security Products After Long Disclosure Process | SecurityWeek
• Zyxel issues emergency RCE patch for end-of-life NAS devices | Bleeping Computer  
• Details of Atlassian Confluence RCE Vulnerability Disclosed | SecurityWeek

Ransomware

• Resurgence of Ransomware: Mandiant Observes Sharp Rise in Criminal Extortion Tactics | SecurityWeek

IT Malware, Threats & Risks

• AI fuels rise in attacks from ‘unsophisticated threat actors,’ federal cyber leaders say | Fedscoop
• #Infosec2024: Supply Chains Remain Hidden Threat to Business | Infosecurity Magazine
• TargetCompany’s Linux Variant Targets ESXi Environments | Trendmicro

Cyber Resilience & General Awareness

• What is the Standard of Good Practice for Information Security? | Tripwire
• NIST Commits to Plan to Resume NVD Work | Dark Reading