Supplemental Cyber Highlights – October 3, 2023
Created: Tuesday, October 3, 2023 - 18:11
Categories: Cybersecurity
The following posts are useful for general awareness of current threats, vulnerabilities, guidance, and other cyber-related news or updates. These resources have been curated by the WaterISAC analyst team as items of broad relevance and benefit that do not need supplemental analysis at this time.
ICS/OT/SCADA Vulnerabilities & Threats
- Protecting the Phoenix: Unveiling Critical Vulnerabilities in Phoenix Contact HMI – Part 2 (Nozomi Networks)
- Johnson Controls cyberattack disrupting operations, may involve sensitive DHS info (The Record)
Critical Infrastructure Resilience
- Transforming Vulnerability Management: CISA Adds OASIS CSAF 2.0 Standard to ICS Advisories (CISA)
- 2022 NCSR: SLTTs Excel in Recovery Planning and Mitigation (CIS)
- A total of 3,681 SLTT government organizations participated in the 2022 NCSR. That’s up from 3,267 participants in the previous year’s report. Of those that participated, 3,122 were local organizations, 466 were state agencies, and 15 were tribal organizations.
- SANS ICS Security Awareness – New Series: Managing Human Risk in Industrial Control System Environments (SANS)
- Protecting Critical Infrastructure With OT Risk Management (Otorio)
- ICS Environments and Patch Management: What to Do If You Can’t Patch (Tripwire)
- Moxa Earns IEC 62443-4-2 Certification for Routers (ISS Source)
- NIST SP 800-82 Rev. 3 Guide to Operational Technology (OT) Security (NIST)
- Distributed ZTNA enables simple and scalable secure remote access to OT assets (Cisco)
- Cyber Resilient 911 Symposium (CISA)
- IT and OT Cybersecurity: Similar But Different (Radiflow)
- What is NERC? Everything you need to know (Tripwire)
IT Malware, Risks, & Threats
- Please share with your older loved ones: “Phantom Hacker” Scams Target Senior Citizens and Result in Victims Losing their Life Savings (FBI)
- Phishing via Dropbox (Check Point)
- Don’t Let Zombie Zoom Links Drag You Down (Krebs on Security)
- Data never dies: The immortal battle of data privacy (Security Intelligence)
- 4 Legal Surprises You May Encounter After a Cybersecurity Incident (Dark Reading)
- Are You Still Storing Passwords In Plain Text Files? (SANS ISC)
IT Vulnerabilities
- Logic Flaws Let Attackers Bypass Cloudflare’s Firewall and DDoS Protection (Heimdal Security)
- Critical zero-days in Exim revealed, only 3 have been fixed (Help Net Security)
- Critical Vulnerabilities: WS_FTP Exploitation (Huntress)
Ransomware
- Ransomware gangs now exploiting critical TeamCity RCE flaw (Bleeping Computer)
- Combating Ransomware Attacks: Insights from Unit 42 Incident Response (Palo Alto Networks)
- 9 essential ransomware guides and checklists available for free (Help Net Security)
- A Closer Look at the Snatch Data Ransom Group (Krebs on Security)
- Meet LostTrust ransomware — A likely rebrand of the MetaEncryptor gang (Bleeping Computer)
- CL0P Seeds ^_- Gotta Catch Em All! (Palo Alto Networks)
Cyber Resilience
- Endpoint security: How to protect end users from themselves (SC Magazine)
- The Path to the Cloud is Filled with Holes: Exploiting 4G Edge Routers (Claroty)
- Network, Meet Cloud; Cloud, Meet Network (Security Week)
Cybersecurity Awareness Month
- This is a good post by Cyware mostly discussing ISACs/ISAOs: Cybersecurity Awareness Month 2023: Why we need more than just cybersecurity awareness (SC Magazine)
- Strong Password Best Practices and MFA (Fortinet)
- AT&T Cybersecurity: championing global cybersecurity education & awareness (AT&T)
General Awareness