Supplemental Cyber Highlights – November 16, 2023

The following posts are useful for general awareness of current threats, vulnerabilities, guidance, and other cyber-related news or updates. These resources have been curated by the WaterISAC analyst team as items of broad relevance and benefit that do not need supplemental analysis at this time.

Critical Infrastructure

• 21 Vulnerabilities Discovered in Crucial IT-OT Connective Routers (Dark Reading)
• Why You Need SCADA Security Monitoring and Tips for Implementation (Synsaber)
• 4 Essential Benefits of an OT Asset Management Platform (Nozomi Networks)
• The Power of LTE 450 for Critical Infrastructure (Cisco)
• Cyberattack on North Carolina county allowed hackers to access data (The Record)
• Dragos Industrial Ransomware Analysis: Q3 2023 (Dragos)

IT Threats & Risks

• Domain Squatting and Brand Hijacking: A Silent Threat to Digital Enterprises (Hack Read)
• Meet the Unique New “Hacking” Group: AlphaLock (Bleeping Computer)

Ransomware

• C3RB3R Ransomware | Ongoing Exploitation of CVE-2023-22518 Targets Unpatched Confluence Servers (Sentinel One)
• Half of Ransomware Groups Operating in 2023 Are New (Infosecurity Magazine)
• Ransomware review: November 2023 (Malware Bytes)
• Investigating the New Rhysida Ransomware (Fortinet)
• Ransomware Roundup – NoEscape (Fortinet)

Cyber Resilience & General Awareness

• Stories from the SOC: Proactive steps to protect customers from misconfigured MFA (AT&T)
• How prepared is your company for a supply chain attack? (AT&T)
• 7 common mistakes companies make when creating an incident response plan and how to avoid them (Talos)
• Threat Intel: To Share or Not to Share is Not the Question (Security Week)
• How to stay protected on the web this holiday season (Zscaler)

Technical Posts (for security analysts, sysadmins, and other nerds)

• Clickjacking: Not Just for the Clicks (TrustedSec)
• Noticing command and control channels by reviewing DNS protocols (SANS Internet Storm Center)