Supplemental Cyber Highlights – October 22, 2024
Created: Tuesday, October 22, 2024 - 15:15
Categories: Cybersecurity, OT-ICS Security, Security Preparedness
The following posts are useful for general awareness of current cyber threats, vulnerabilities, guidance, and other cyber-related news or updates. These resources have been curated by the WaterISAC analyst team as items of broad relevance and benefit that do not need supplemental analysis at this time.
Critical Infrastructure Resilience & OT Vulnerability Management
- Critical Vulnerabilities Expose mbNET.mini, Helmholz Industrial Routers to Attacks | SecurityWeek
- What Is Asset Visibility and Why Does It Matter? | Dragos
IT Vulnerability Security Update
- Microsoft blocks Windows 11 24H2 on two ASUS models due to crashes | BleepingComputer
- Fortinet releases patches for undisclosed critical FortiManager vulnerability | HelpNetSecurity
- VMware Struggles to Fix Flaw Exploited at Chinese Hacking Contest | SecurityWeek
IT Malware, Threats & Risks
- Threat actor abuses Gophish to deliver new PowerRAT and DCRAT | Talos
- Latrodectus Malware Increasingly Used by Cybercriminals | SecurityWeek
- Bumblebee Malware Loader Resurfaces Following Law Enforcement Takedown | SecurityWeek
- Over 6,000 WordPress hacked to install plugins pushing infostealers | BleepingComputer
Ransomware
- BlackCat Ransomware Successor Cicada3301 Emerges | SecurityWeek
Cyber Resilience, General Awareness & AI
- 7 risk management mistakes CISOs still make | CSO Online
- A Look at the Social Engineering Element of Spear Phishing Attacks | LevelBlue
- A Comprehensive Guide to Finding Service Accounts in Active Directory | The Hacker News
- Hackers are finding new ways to leverage AI | HelpNetSecurity