(TLP:CLEAR) Supplemental Cyber Highlights – January 30, 2025
Created: Thursday, January 30, 2025 - 13:52
Categories: Cybersecurity, OT-ICS Security, Security Preparedness
The following posts are useful for general awareness of current cyber threats, vulnerabilities, guidance, and other cyber-related news or updates. These resources have been curated by the WaterISAC analyst team as items of broad relevance and benefit that do not need supplemental analysis at this time.
Critical Infrastructure Resilience
- Building Automation Protocols Increasingly Targeted in OT Attacks: Report | SecurityWeek
- Need to build robust industrial supply chain security while considering emerging technologies | Industrial Cyber
- Threat Actors Exploit Government Website Vulnerabilities for Phishing Campaigns | Cofense
- National security risks in routers, modems targeted in bipartisan Senate bill | CyberScoop
IT Vulnerability Security Updates
- More than 2,000 SonicWall devices vulnerable to critical zero-day | The Record
- Apple fixes this year’s first actively exploited zero-day bug | Bleeping Computer
- Hackers exploit critical unpatched flaw in Zyxel CPE devices | Bleeping Computer
- VMware fixed a flaw in Avi Load Balancer | Security Affairs
- Critical Cacti Security Flaw (CVE-2025-22604) Enables Remote Code Execution | The Hacker News
IT Malware, Threats & Risks
- Cybersecurity crisis in numbers | Help Net Security
- CrowdStrike Highlights Magnitude of Insider Risk | Dark Reading
Ransomware
- Ransomware gang uses SSH tunnels for stealthy VMware ESXi access | Bleeping Computer
- 58% of Ransomware Victims Forced to Shut Down Operations | Infosecurity Magazine
- Lynx Ransomware Group ‘Industrializes’ Cybercrime With Affiliates | Dark Reading
- New Hellcat Ransomware Gang Employs Humiliation Tactics | Infosecurity Magazine
Cyber Resilience, General Awareness, & AI
- FBI seizes major cybercrime forums in coordinated domain takedown | CyberScoop
- Cyber Insights 2025: Social Engineering Gets AI Wings | SecurityWeek
- AI in Cybersecurity: What’s Effective and What’s Not – Insights from 200 Experts | The Hacker News
Related WaterISAC PIRs: 6, 7, 8, 10, 12