(TLP:CLEAR) Supplemental Cyber Highlights – March 13, 2025
Created: Thursday, March 13, 2025 - 14:36
Categories: Cybersecurity, OT-ICS Security, Security Preparedness
The following posts are useful for general awareness of current cyber threats, vulnerabilities, guidance, and other cyber-related news or updates. These resources have been curated by the WaterISAC analyst team as items of broad relevance and benefit that do not need supplemental analysis at this time.
Critical Infrastructure Resilience & OT/ICS Vulnerability Management
- ICS Patch Tuesday: Advisories Published by CISA, Schneider Electric, Siemens | SecurityWeek
- Idaho and INL lead the charge in cyber-informed engineering to protect water systems | Industrial Cyber
- This is the FBI, open up. China’s Volt Typhoon is on your network | The Register
- Dragos details LELWD’s fight against VOLTZITE cyberattack, following 300-day OT network breach | Industrial Cyber
- Convergence of Cyber and Physical Security: Geolocation Data Hacks and Executive Protection Threat Implications | Kroll
- Palo Alto detects critical vulnerabilities in ICONICS SCADA systems, urges patching and remediation | Industrial Cyber
IT Vulnerability Security Updates
- Microsoft Patch Tuesday: March 2025 | SANS
- Patch Tuesday – March 2025 | Rapid7
- Mandiant Uncovers Custom Backdoors on End-of-Life Juniper Routers | SecurityWeek
- Experts warn of mass exploitation of critical PHP flaw CVE-2024-4577 | Security Affairs
IT Malware, Threats & Risks
- North Korean government hackers snuck spyware on Android app store | TechCrunch
- 1Password Warning—Beware Of Master Password-Reset Attack | Forbes
Ransomware
- Coalition’s Cyber Threat Index 2025 Finds Most Ransomware Incidents Start with Compromised VPN Devices | Bakersfield
- Black Basta Leak: New Findings Reveal Victim Details | Kela Cyber
Cyber Resilience, General Awareness, & AI