Canary Trap’s Bi-Weekly Cyber Roundup

This bi-weekly roundup highlights several ongoing and recent cybersecurity developments: DEF CON’s Franklin Project to assess and harden U.S. water utilities; a November 17, 2024 cyberattack on gambling firm IGT (possible ransomware); proposed U.S. Senate legislation to strengthen healthcare cybersecurity; an active exploitation campaign dubbed Operation Lunar Peek leveraging CVE-2024-0012 and CVE-2024-9474 against Palo Alto Networks appliances; a sophisticated APT28 “nearest neighbor” Wi‑Fi attack that pivoted through a neighboring organization; and the DOJ’s charges against members of the Scattered Spider phishing group responsible for widespread credential theft and cryptocurrency theft.