The Cybersecurity and Infrastructure Security Agency (CISA) has published the following ICS security advisories, along with additional alerts, updates, and bulletins:
ICS Advisories:
The following posts are useful for general awareness of current cyber threats, vulnerabilities, guidance, and other cyber-related news or updates. These resources have been curated by the WaterISAC analyst team as items of broad relevance and benefit that do not need supplemental analysis at this time.
Critical Infrastructure
The Cybersecurity and Infrastructure Security Agency (CISA) has published the following ICS security advisories, along with additional alerts, updates, and bulletins:
ICS Advisories
Recent analysis by Cofense describes how threat actors are using virtual hard drive files to bypass security scanners, including widely used email security appliances from Cisco, Proofpoint, and FireEye.
Notable analysis details include:
The following posts are useful for general awareness of current cyber threats, vulnerabilities, guidance, and other cyber-related news or updates. These resources have been curated by the WaterISAC analyst team as items of broad relevance and benefit that do not need supplemental analysis at this time.
Critical Infrastructure Resilience & OT Vulnerability Management
The Cybersecurity and Infrastructure Security Agency (CISA) has published the following ICS security advisories, along with additional alerts, updates, and bulletins:
ICS Advisories:
On October 22, 2024, CISA Released One Industrial Control Systems Advisory for products used across multiple sectors, please check these latest advisories for specific equipment used across your ICS/SCADA environments and address accordingly:
Israeli organizations have been targeted by a malicious email campaign impersonating the IT security company ESET. By utilizing the systems of Comsecure, the exclusive distributor of ESET products within Israel, an unknown threat actor is sending an otherwise seemingly legitimate email, signed by ESET’s Advanced Threat Defense team, that encourages recipients to download a .zip file and execute a malicious .exe containing a wiper program.
SANS has released its 2024 State of ICS/OT Cybersecurity report, which offers key insights and benchmarks for industrial cybersecurity programs worldwide through a survey of 530 professionals. Based on inputs from cyber professionals across multiple critical infrastructure sectors, it provides actionable guidance as to how organizations can manage industrial cyber risk effectively.
Key insights from the report include:
CSO Online has published an article revealing details on a recent ICS/OT-related cyberattack targeting the water system of Stanton, Texas. Despite only serving a population of 2,700, Russia-linked hacktivists still breached the utility’s network in order to access a human-machine interface (HMI) and manipulate its settings. Due to the threat actor’s inexperience, they were only capable of randomly changing settings, resulting in the loss of some untreated water. However, a more sophisticated state adversary with the same level of access could cause more significant damage.
The following posts are useful for general awareness of current cyber threats, vulnerabilities, guidance, and other cyber-related news or updates. These resources have been curated by the WaterISAC analyst team as items of broad relevance and benefit that do not need supplemental analysis at this time.
Critical Infrastructure Resilience & OT Vulnerability Management
1620 I Street, NW, Suite 500
Washington, DC 20006
1-866-H2O-ISAC (1-866-426-4722)
© 2025 WaterISAC. All Rights Reserved.
