Supplemental Cyber Highlights – March 14, 2024

The following posts are useful for general awareness of current cyber threats, vulnerabilities, guidance, and other cyber-related news or updates. These resources have been curated by the WaterISAC analyst team as items of broad relevance and benefit that do not need supplemental analysis at this time.

Critical Infrastructure

• The Security Floor … Not Secure By Design | Dale Peterson
• ODNI’s 2024 Threat Assessment: China, Russia, North Korea pose major cyber threats amid global instability | Industrial Cyber
• Ande Loader Malware Targets Manufacturing Sector in North America | The Hacker News
• Anatomy of an Attack: Danish Critical Infrastructure | ISS Source
• Top cybersecurity officials stress more funding for federal agencies | CyberScoop

IT Vulnerabilities & Security Updates

• Major CPU, Software Vendors Impacted by New GhostRace Attack | SecurityWeek
• Patch Now: Kubernetes RCE Flaw Allows Full Takeover of Windows Nodes | Dark Reading
• Cisco Patches High-Severity IOS RX Vulnerabilities | SecurityWeek  
• Fortinet Patches Critical Bug in FortiClient EMS | Infosecurity Magazine

IT Malware, Threats & Risk

• SVG Files Abused in Emerging Campaigns | Cofense
• CVE-2024-21412: DarkGate Operators Exploit Microsoft Windows SmartScreen Bypass in Zero-Day Campaign | TrendMicro
• FakeBat delivered via several active malvertising campaigns | Malwarebytes Labs
• The 10 Most Common Website Security Attacks (and How to Protect Yourself) | Tripwire

Ransomware

• The effects of law enforcement takedowns on the ransomware landscape | Help Net Security
• UnitedHealth sought to ease cashflow challenges after Change Healthcare attack | SC Media
• Ransomware review: March 2024 | Malwarebytes Labs

Cyber Resilience & General Awareness

• Cloud Account Attacks Surged 16-Fold in 2023 | Infosecurity Magazine
• Microsoft says Windows 10 21H2 support is ending in June | BleepingComputer
• The Importance of Host-Based Intrusion Detection Systems | Tripwire