Depending on the size of and resources available at your utility, you may not have implemented a vulnerability management program for your OT infrastructure, let alone for IT. If you have a mature program for OT you are in the minority. However, even if you don’t have a defined program, vulnerability management is a foundational cybersecurity activity that cannot be ignored by anyone.
The infamous Emotet botnet is now being used by attackers to deliver Quantum and BlackCat ransomware, based on a report by the cybersecurity firm AdvIntel. Emotet is a very common malware and AdvIntel has observed 1,267,598 total Emotet infections worldwide during the first nine months of 2022. Emotet typically propagates via email phishing campaigns and often hijacks email threads.
Last week, the Department of Homeland Security (DHS) announced a first-of-its-kind cybersecurity grant program specifically for state, local, and territorial (SLT) governments across the country. This State and Local Cybersecurity Grant Program, made possible by President Biden’s Bipartisan Infrastructure Law, provides $1 billion in funding to SLT partners over four years, with $185 million available for FY22, to support SLT efforts to address cyber risk to their information systems.
Threat actors are exploiting Microsoft Edge’s News Feed to conduct a malvertising campaign by injecting online advertisements and redirecting potential victims to websites pushing tech support scams, according to security researchers at Malwarebytes. This campaign has been ongoing for at least two months and is currently one of the most extensive operations based on the amount of telemetry noise.
The Cybersecurity and Infrastructure Security Agency (CISA) has published the following ICS vulnerability advisories, as well as alerts, updates, and bulletins:
ICS Vulnerability Advisories:
On September 13, 2022, CISA posted an Industrial Control System Advisory (ICSA-22-256-04) regarding Kingspan TMS300 CS water tank management system – provided in WaterISAC’s CISA ICS Vulnerability Advisories and Alerts, Updates, and Bulletins - September 13, 2022.
Threat actors are exploiting the death of Queen Elizabeth II in brand impersonation phishing attacks to steal victims’ Microsoft account credentials, according to security researchers at Proofpoint. The phishing email purports to be from Microsoft and invites recipients to an “artificial technology hub” in the Queen’s honor. The social engineering tactic includes baiting the recipient to open the link so they can sign an online memory board in honor of the Queen.
The Australian Cyber Security Centre (ACSC) recently released an updated version of its Information Security Manual (ISM). The purpose of the ISM is to outline a cybersecurity framework that organizations can apply, using a risk management framework to protect information and systems from cyber threats. The ISM is intended for both executives and network defenders.
Yesterday, the Cybersecurity and Infrastructure Security Agency (CISA), the FBI, the National Security Agency (NSA), U.S. Cyber Command Cyber National Mission Force, the U.S. Department of the Treasury, the Australian Cyber Security Centre (ACSC), the Canadian Centre for Cyber Security (CCCS), and the United Kingdom’s National Cyber Security Centre (NCSC) published a joint Cybersecurity Advisory (CSA) to highlight continued malicious cyber activity by advanced persistent threat (APT) actors affiliated with the Iranian Government’s Islamic Revolutionary Guard Corps (IRGC).
The Cybersecurity and Infrastructure Security Agency (CISA) has published the following ICS vulnerability advisories, as well as alerts, updates, and bulletins:
ICS Vulnerability Advisories:
1620 I Street, NW, Suite 500
Washington, DC 20006
1-866-H2O-ISAC (1-866-426-4722)
© 2025 WaterISAC. All Rights Reserved.
