
CISA ICS Vulnerability Advisories and Alerts, Updates, and Bulletins - December 9, 2021

The Cybersecurity and Infrastructure Security Agency (CISA) has published the following ICS vulnerability advisories, as well as alerts, updates, and bulletins:

ICS Vulnerability Advisories:

Alerts, Updates, and Bulletins:

Threat Awareness – Emotet Up to its Old Trick(bot) and Some New Ones Too

Since last month’s re-emergence of Emotet – Everybody’s Email Enemy #1 – we’ve observed it rekindling its relationship with Trickbot to spread, along with its propensity for proliferating ransomware attacks. However, the 10 months since the global takedown effort appear to have been time well spent for the malware, as it has come up with some new tricks.

Google Disrupts Large Botnet, Files Lawsuit against Russian Threat Actors

On Tuesday, Google took significant steps to disrupt and degrade the Glupteba botnet, which now controls over 1 million Windows PCs worldwide. Glupteba is a blockchain-enabled modular malware that has targeted Windows devices globally since at least 2011. Threat actors can then use the infected devices for malign purposes, such as stealing credentials or personally identifiable information.

Ransomware Awareness – New Decryption Key for STOP Ransomware Released

The cybersecurity firm G DATA just released a vaccine for the STOP ransomware variant. This decryption tool is notable given that STOP ransomware is one of the most active ransomware variants in the wild that no one talks about. In fact, of the thousands of ID Ransomware submissions received every day, during active ransomware periods, 60 to 70 percent are STOP ransomware submissions. The vaccine does not prevent an initial infection of the ransomware.

Security Awareness – Cybercrime Services and Supply Chain Fueling Cyber Attacks

New research from Trend Micro sheds light on the potential factors behind the recent surge in ransomware attacks, namely, cyber-criminal marketplaces offering initial access to threat actors. Over the past two years, demand for initial access has grown so much that many dark web markets now have a dedicated “Access-as-a-Service” section. The researchers divided access brokers into three categories: opportunistic sellers, dedicated brokers whose services are often used by smaller ransomware groups, and online shops that provide RDP and VPN credentials.

Colorado Rural Electric Cooperative Suffers Ransomware Attack

A small electric cooperative was the apparent victim of a ransomware attack that caused significant disruption and damage last month. On November 7, Delta-Montrose Electric Association (DMEA) discovered a breach on its internal enterprise network. As a result of the attack, the utility lost 90 percent of its enterprise network functions and large amounts of data, including saved documents and spreadsheets.
