Supplemental Cyber Highlights – September 19, 2023
Created: Tuesday, September 19, 2023 - 17:45
Categories: Cybersecurity
The following posts are useful for general awareness of current threats, vulnerabilities, guidance, and other cyber-related news or updates. These resources have been curated by the WaterISAC analyst team as items of broad relevance and benefit that do not need supplemental analysis at this time.
Critical Infrastructure
- Alert – Distributed Denial of Service campaign targeting multiple Canadian sectors (Canadian Center for Cyber Security)
- ICS Computers in Western Countries See Increasing Attacks: Report (Security Week)
- BLASTPASS: Government agencies told to secure iPhones against spyware attacks (Tripwire)
IT Vulnerabilities
- Thousands of Juniper devices vulnerable to unauthenticated RCE flaw (Bleeping Computer)
- ThemeBleed exploit is another reason to patch Windows quickly (Malwarebytes)
IT Malware, Threats & Risks
- When MFA isn’t actually MFA (Retool)
- Microsoft promises to act as Teams continues to get pummeled by phishing attacks (SC Media)
- Peach Sandstorm password spray campaigns enable intelligence collection at high-value targets (Microsoft)
- 5 Examples of DNS IoCs That Are Red Flags for Cyberattacks (Heimdal)
- Threat actors target remote endpoints to conduct BECs, steal credentials and load malware (SC Magazine)
- Watch out, this LastPass email with “Important information about your account” is a phish (Malwarebytes)
- Shelter from the storm – lessons learned from the Storm-0558 Microsoft email attacks (CSO Online)
- Payment Card-Skimming Campaign Now Targeting Websites in North America (Dark Reading)
- Microsoft Azure Data Leak Exposes Dangers of File-Sharing Links (Dark Reading)
Ransomware
- Malware distributor Storm-0324 facilitates ransomware access (Microsoft)
- LockBit Is Using RMMs to Spread Its Ransomware (Dark Reading)
Cyber Resilience & General Awareness
- CISA panel pitches idea of a National Cybersecurity Alert System (The Record)
- Spidering Through Identity for Profit and Disruption (Huntress)
- A One-Two Punch for Security ROI (Security Week)
- California enacts first-of-its-kind bill targeting data brokers (The Record)
Technical Posts (for security analysts, sysadmins, and other nerds)
- Okta for Red Teamers (TrustedSec)
- Internet Wide Multi VPN Search From Single /24 Network (Internet Storm Center)