(TLP:CLEAR) Supplemental Cyber Highlights – March 27, 2025

The following posts are useful for general awareness of current cyber threats, vulnerabilities, guidance, and other cyber-related news or updates. These resources have been curated by the WaterISAC analyst team as items of broad relevance and benefit that do not need supplemental analysis at this time.

Critical Infrastructure Resilience

• Hearing: Salt Typhoon: Securing America’s Telecommunications from State-Sponsored Cyber Attacks | Committee on Oversight
• Threat landscape for industrial automation systems in Q4 2024 | SecureList
• Australia expands cybersecurity coverage with Systems of National Significance designation, boosts cyber defenses | Industrial Cyber
• Strengthening OT Security: Aligning with the Australian Energy Sector Cyber Security Framework (AESCSF) | Dragos

IT Vulnerability Security Updates

• VMware Patches Authentication Bypass Flaw in Windows Tools Suite | SecurityWeek
• CrushFTP: Patch critical vulnerability ASAP! (CVE-2025-2825) | Help Net Security
• CVE-2025-29891 – Bypass/Injection vulnerability in Apache Camel | Broadcom
• IngressNightmare: 9.8 Critical Unauthenticated Remote Code Execution Vulnerabilities in Ingress NGINX | WIZ

IT Malware, Threats & Risks

• Cloud Threats on the Rise: Alert Trends Show Intensified Attacker Focus on IAM, Exfiltration | Unit42
• Six Key Takeaways From the SANS 2025 Threat Hunting Survey | Intel471

Ransomware

• Shifting the sands of RansomHub’s EDRKillShifter | We Live Security
• Russian Ransomware Gang Exploited Windows Zero-Day Before Patch | SecurityWeek

Cyber Resilience, General Awareness, & AI

• How To Proactively Mitigate The DPRK IT Worker Employment Scam | Nisos
• The 7 technology trends that could replace passwords | Bleeping Computer
• A CISO’s guide to securing AI models | Help Net Security
• The Biggest Supply Chain Hack Of 2025: 6M Records Exfiltrated from Oracle Cloud affecting over 140k Tenants | CloudSEK