Supplemental Cyber Highlights – May 28, 2024
Created: Tuesday, May 28, 2024 - 18:47
Categories: Cybersecurity, OT-ICS Security, Security Preparedness
The following posts are useful for general awareness of current cyber threats, vulnerabilities, guidance, and other cyber-related news or updates. These resources have been curated by the WaterISAC analyst team as items of broad relevance and benefit that do not need supplemental analysis at this time.
Critical Infrastructure
- Rockwell Automation Urges Customers to Disconnect ICS From Internet | SecurityWeek
- Chinese hackers hide on military and govt networks for 6 years | Bleeping Computer
- NRECA secures $4 million in DOE funding to boost electric co-op cybersecurity preparedness | Industrial Cyber
- Threat landscape for industrial automation systems, Q1 2024 | Securelist
- Claroty reports critical OT assets vulnerable to internet exploitation; release of xDome Secure Access | Industrial Cyber
- Claroty’s Team82 exposes critical vulnerabilities in Honeywell’s ControlEdge UOC’s EpicMo protocol | Industrial Cyber
- Why email attacks still loom as a major threat to critical infrastructure sectors | SC Magazine
IT Vulnerabilities & Security Updates
- Google Patches Fourth Chrome Zero-Day in Two Weeks | SecurityWeek
- Vulnerable Atlassian Confluence instances exceed 200K | SC Magazine
IT Malware, Threats & Risks
- Researchers Warn of CatDDoS Botnet and DNSBomb DDoS Attack Technique | The Hacker News
- Russian Hackers Shift Tactics, Target More Victims with Paid Malware | Hackread
- Top Cloud Services Used for Malicious Website Redirects in SMS Scams | Hackread
Ransomware
- Ransomware Attacks Exploit VMware ESXi Vulnerabilities in Alarming Pattern | The Hacker News
- New ShrinkLocker ransomware uses BitLocker to encrypt your files | Bleeping Computer
Cyber Resilience & General Awareness