Supplemental Cyber Highlights – September 12, 2024

The following posts are useful for general awareness of current cyber threats, vulnerabilities, guidance, and other cyber-related news or updates. These resources have been curated by the WaterISAC analyst team as items of broad relevance and benefit that do not need supplemental analysis at this time.

Critical Infrastructure Resilience

• What You Need in ICS Network Visibility & Monitoring Software | Dragos
• Using Transparency & Sharing to Defend Critical Infrastructure | Dark Reading

IT Vulnerabilities & Security Update

• Progress Software fixed a maximum severity flaw in LoadMaster | Security Affairs
• Veeam Backup & Replication RCE flaw may soon be leveraged by ransomware gangs (CVE-2024-40711) | Help Net Security
• Critical SonicWall SSLVPN bug exploited in ransomware attacks | Bleeping Computer
• Zyxel fixes critical command injection flaw in EOL NAS devices (CVE-2024-6342) | Help Net Security
• Bug Left Some Windows PCs Dangerously Unpatched | Krebs on Security

IT Malware, Threats & Risks

• The 2024 Threat Landscape State of Play | Cisco Talos
• Quad7 botnet targets more SOHO and VPN routers, media servers | Bleeping Computer
• Business Email Compromise Costs $55bn Over a Decade | Infosecurity Magazine

Ransomware/Extortion

• How Law Enforcement’s Ransomware Strategies Are Evolving | Dark Reading
• CosmicBeetle Deploys Custom ScRansom Ransomware, Partnering with RansomHub | The Hacker News
• RansomHub ransomware abuses Kaspersky TDSSKiller to disable EDR software | Bleeping Computer

Cyber Resilience, General Awareness & AI

• Living off the land, GPO style | PenTestPartners
• How to defend against brute force and password spray attacks | Bleeping Computer  
• Best practices for implementing the Principle of Least Privilege | Help Net Security