(TLP:CLEAR) Supplemental Cyber Highlights – July 10, 2025
Created: Thursday, July 10, 2025 - 14:40
Categories: Cybersecurity, OT-ICS Security, Security Preparedness
The following posts are useful for general awareness of current cyber threats, vulnerabilities, guidance, and other cyber-related news or updates. These resources have been curated by the WaterISAC analyst team as items of broad relevance and benefit that do not need supplemental analysis at this time.
Critical Infrastructure Resilience
- Iranian ransomware group offers bigger payouts for attacks on Israel, US | The Record
- Chinese Hacker Xu Zewei Arrested for Ties to Silk Typhoon Group and U.S. Cyber Attacks | The Hacker News
- C-suites step up on OT cybersecurity, and it’s paying off | Help Net Security
- Canadian Electric Utility Says Power Meters Disrupted by Cyberattack | SecurityWeek
IT Vulnerability Security Updates
- Microsoft’s July 2025 Patch Tuesday Addresses 128 CVEs (CVE-2025-49719) | Tenable
- Ivanti, Fortinet, Splunk Release Security Updates | SecurityWeek
- Adobe Patches Critical Code Execution Bugs | SecurityWeek
- SAP security advisory – July 2025 monthly rollup (AV25-402) | Canadian Centre for Cyber Security
IT Malware, Threats & Risks
- Browser Exploits Wane as Users Become the Attack Surface | Dark Reading
- BaitTrap: Over 17,000 Fake News Websites Caught Fueling Investment Fraud Globally | The Hacker News
- Infostealers-as-a-Service Push Identity Hacks to Record Highs | Hackread
- Amazon Prime Day 2025: Deals Await, But So Do the Cyber Criminals | Check Point
Ransomware
- Ingram Micro starts restoring systems after ransomware attack | Bleeping Computer
- Trend Micro flags BERT: A rapidly growing ransomware threat | CSO Online
- Scattered Spider weaves web of social-engineered destruction | CyberScoop
- Over 500 Scattered Spider Phishing Domains Poised to Target Multiple Industries | Infosecurity Magazine
Cyber Resilience, General Awareness, & AI
- Lock It Down: Why MFA Isn’t Optional Anymore | Gate 15
- Microsoft confirms Windows Server Update Services (WSUS) sync is broken | Bleeping Computer
- Fix the Click: Preventing the ClickFix Attack Vector | Unit 42
- MSPs Under More Scrutiny From Customers on Cyber Than Ever | IT Security Guru
- What Security Leaders Need to Know About AI Governance for SaaS | The Hacker News
- Trump seeks unprecedented $1.23 billion cut to federal cyber budget | CSO Online