For individuals

Organizations in the U.S. water and wastewater sector have been given new cybersecurity best practices guidance by the Cybersecurity and Infrastructure Security Agency, the Environmental Protection Agency, and the FBI following an Office of the Inspector General report noting inadequate federal collaboration with the industry despite escalating cybersecurity threats, reports The Record, a news site by cybersecurity firm Recorded Future.

TechCrunch reports that U.S. global apparel and footwear company VF Corporation, which owns Vans, The North Face, and Supreme, had data from 35.5 million customers compromised in a cyberattack last month, which has been claimed by the ALPHV/BlackCat ransomware operation.

Supply chain attacks possible with TensorFlow CI/CD misconfigurations TensorFlow instances on GitHub and PyPi could have been subjected to supply chain attacks involving the exploitation of continuous integration and continuous delivery vulnerabilities within the open-source machine learning framework, reports The Hacker News.

SecurityWeek reports that seven vulnerabilities within the open-source industrial automation platform Rapid SCADA used in monitoring and control system development continue to be unaddressed despite being reported by Claroty researchers in July, placing sensitive industrial systems at risk.

Attackers have been compromising vulnerable Docker services with the XMRig cryptocurrency mining malware and the 9HIts Viewer software as part of a novel hacking campaign that not only exfiltrates cryptocurrency but also generates fake website traffic, The Hacker News reports.

Remote access tool TeamViewer has been exploited in new ransomware attacks for initial network access and LockBit ransomware-based encryptor deployment, reports BleepingComputer.

A changing regulatory and enforcement environment means the smart CISO might need to shift how they work this year.

Three Microsoft applications can leak hashed passwords in just one or two clicks, researchers say.

Ivanti reported that it believes malicious code has been added to exploited Connect-Secure and Policy Secure products that allows a threat actor future access, even after mitigation is applied.

Attackers have increasingly leveraged the widely used remote access tool, installed on hundreds of millions of endpoints, to break into victim environments.