Ransomware resilience is more than just having validated backups to use to restore your systems after a ransomware attack, patching has a lot to do with it too. A security researcher has compiled no less than forty-three (at the time of this writing) technical vulnerabilities across multiple products that ransomware actors are actively exploiting on unpatched devices.
Amid the continued upward trend in ransomware attacks, the U.S Treasury issued a bulletin this morning that begins proposed actions of levying sanctions against cryptocurrency exchanges, wallets, and traders utilized by ransomware groups. At the behest of the Biden Administration, today’s actions include the Department of the Treasury’s Office of Foreign Assets Control’s (OFAC) designation of SUEX OTC, S.R.O.
The Cybersecurity and Infrastructure Security Agency (CISA) has published the following ICS vulnerability advisories, as well as alerts, updates, and bulletins:
ICS Vulnerability Advisories:
Alerts, Updates, and Bulletins:
Under the guise of ‘negotiators don’t care about the victim, they’re only in it for the money,’ at least two ransomware groups have recently upped the ante on their quest for a quick buck – or hundreds of thousands of bucks. Amid the flurry of ransomware attacks, the Grief ransomware group is now threatening to destroy the decryption keys of any victim who hires a professional negotiator. Similarly, the Ragnar Locker ransomware group threatened to release stolen data if the victim contacted law enforcement or a negotiator.
Microsoft recently disclosed that its Windows MSHTML zero-day vulnerability may have possibly been exploited by ransomware gangs. The exploit, tracked as CVE-2021-40444, was revealed on September 7 when Microsoft acknowledged that it had observed the exploit used in limited targeted attacks. Microsoft released a patch for this vulnerability with its September 14th updates.
The Australian Cyber Security Centre (ACSC) has released its second annual report on key cyber threats and statistics from 2020–2021. The report underlines that threat actors have greatly exploited the pandemic environment, ransomware attacks saw a 15 percent increase over the past year, and around 25 percent of all reported cyber incidents were associated with critical infrastructure. WaterISAC encourages members to review the ACSC report more insights and observations.
The Cybersecurity and Infrastructure Security Agency (CISA) has published the following ICS vulnerability advisories, as well as alerts, updates, and bulletins:
ICS Vulnerability Advisories:
As cybersecurity threats continue to proliferate in today’s increasingly interconnected world, it is imperative to generate new strategies for confronting this dynamic threat. For example, before crafting new cyber policies, it is important to understand the bottlenecks impacting your current cybersecurity practices. Likewise, cyber defense isn’t always about technology controls and strategies. Sometimes it may be necessary to address our cultural mindsets from being reactive to proactive through cooperation, communication, and initiative.
Justifying cybersecurity spending is an age-old challenge. Those of us who came through the technology ranks are quite familiar with being a “cost” center and not a money maker. But technology grew to where the many benefits and cost savings to productivity and other facets can be measured.
Prior to this publishing, you may already be aware of the recent Apple security updates released to patch against exploits being attributed to the NSO Group’s Pegasus spyware. According to CitizenLab, the exploit, dubbed FORCEDENTRY has been leveraged since at least February 2021 and is tracked as CVE-2021-30860. CitizenLab describes FORCEDENTRY as a zero-day, zero-click exploit against iMessage that could lead to arbitrary code execution by processing a maliciously crafted PDF. Reuters states it more plainly as, the vulnerability lies in how iMessage automatically renders images.
1620 I Street, NW, Suite 500
Washington, DC 20006
1-866-H2O-ISAC (1-866-426-4722)
© 2025 WaterISAC. All Rights Reserved.
