Supplemental Cyber Highlights – May 9, 2024

The following posts are useful for general awareness of current cyber threats, vulnerabilities, guidance, and other cyber-related news or updates. These resources have been curated by the WaterISAC analyst team as items of broad relevance and benefit that do not need supplemental analysis at this time.

Critical Infrastructure

• Data Centre Operations: Cooling Systems Are Possible Targets for Operational Disruption | Dragos
• Any number given of Volt Typhoon victims ‘likely an underestimate,’ CISA says | The Record
• CISA wants ‘high-quality feedback’ for another month on CIRCIA rule | The Record  
• Fact Sheet: Biden-⁠Harris Administration Releases Version 2 of the National Cybersecurity Strategy Implementation Plan | The White House

IT Vulnerabilities & Security Updates

• F5 Patches Dangerous Vulnerabilities in BIG-IP Next Central Manager | SecurityWeek
• Citrix Addresses High-Severity Flaw in NetScaler ADC and Gateway | Dark Reading
• Veeam fixes RCE flaw in backup management platform (CVE-2024-29212) | Help Net Security
• Remote access risks on the rise with CVE-2024-1708 and CVE-2024-1709 | Security Intelligence
• New Spectre-Style ‘Pathfinder’ Attack Targets Intel CPU, Leak Encryption Keys and Data | The Hacker News

IT Malware, Threats & Risks

• Findings Show MFA Bypass in Microsoft Azure Entra ID Using Seamless SSO | HeackRead
• Mirai Botnet Exploits Ivanti Connect Secure Flaws for Malicious Payload Delivery | The Hacker News  
• New attack leaks VPN traffic using rogue DHCP servers | Bleeping Computer
• The hacker’s toolkit: 4 gadgets that could spell security trouble | We Live Security
• Cyber Threat Research: Poor Patching Practices and Unencrypted Protocols Continue to Haunt Enterprises | IT Security Guru

Ransomware

• Shields Up: How to Minimize Ransomware Exposure | SecurityWeek
• 97% of organizations hit by ransomware turn to law enforcement | Help Net Security