Supplemental Cyber Highlights – October 12, 2023
Created: Thursday, October 12, 2023 - 18:42
Categories: Cybersecurity
The following posts are useful for general awareness of current threats, vulnerabilities, guidance, and other cyber-related news or updates. These resources have been curated by the WaterISAC analyst team as items of broad relevance and benefit that do not need supplemental analysis at this time.
ICS/OT/SCADA Vulnerabilities & Threats
- 10 zero-day vulnerabilities in industrial cell router could lead to code execution, buffer overflows (Talos Intelligence)
- Unpatched Vulnerabilities Expose Yifan Industrial Routers to Attacks (Security Week)
- Simpson Manufacturing shuts down IT systems after cyberattack (Bleeping Computer)
IT Vulnerabilities & Threats
- What to know about the HTTP/2 Rapid Reset DDoS attacks (Talos Intelligence)
- Windows 11 21H2 and Windows Server 2012 reach end of support (Bleeping Computer)
- Long-awaited curl vulnerability flops (Cyberscoop)
- Microsoft: State hackers exploiting Confluence zero-day since September (Bleeping Computer)
Ransomware
- Dark Angels | ESXi Ransomware Borrows Code & Victimology From RagnarLocker (SentinelOne)
- Microsoft Defender Thwarts Large-Scale Akira Ransomware Attack (The Hacker News)
- Ransomware review: October 2023 (Malwarebytes)
General Awareness
- Exchange Online mail delivery issues caused by anti-spam rules (Bleeping Computer)
- Microsoft Defender now auto-isolates compromised accounts (Bleeping Computer)