(TLP:CLEAR) Supplemental Cyber Highlights – February 13, 2025

The following posts are useful for general awareness of current cyber threats, vulnerabilities, guidance, and other cyber-related news or updates. These resources have been curated by the WaterISAC analyst team as items of broad relevance and benefit that do not need supplemental analysis at this time.

Critical Infrastructure Resilience & OT/ICS Vulnerability Management

• ICS Patch Tuesday: Vulnerabilities Addressed by Schneider Electric, Siemens | SecurityWeek
• Salt Typhoon’s Impact on the US & Beyond | Dark Reading
• Russia-linked APT Seashell Blizzard is behind the long running global access operation BadPilot campaign | Security Affairs
• BSidesICS 2025: Rob Lee’s opening keynote sets tone for future of ICS security | Industrial Cyber

IT Vulnerability Security Updates

• February 2025 Patch Tuesday Analysis | Tripwire
• Critical RCE bug in Microsoft Outlook now exploited in attacks | Bleeping Computer
• PAN-OS authentication bypass hole plugged, PoC is public (CVE-2025-0108) | Help Net Security  
• Ivanti fixes three critical flaws in Connect Secure & Policy Secure | Bleeping Computer

IT Malware, Threats & Risks

• Attackers compromise IIS servers by leveraging exposed ASP.NET machine keys | Help Net Security

Ransomware

• Dragos Industrial Ransomware Analysis: Q4 2024 | Dragos
• Ransomware payments plummet as more victims refuse to pay | Help Net Security
• Phobos Ransomware Affiliates Arrested in Coordinated International Disruption | Justice.gov
• Chinese espionage tools deployed in RA World ransomware attack | Bleeping Computer

Cyber Resilience, General Awareness, & AI

• Europol Warns Financial Sector of “Imminent” Quantum Threat | Infosecurity Magazine
• Experts Flag Security, Privacy Risks in DeepSeek AI App | Krebs on Security
• Cybersecurity guidance for AI systems, supply chains highlight risks of poisoning, extraction, evasion attacks | Industrial Cyber