Cybersecurity

Threat Awareness – Threat Actors Continue Experimenting with Alternative Techniques Since Microsoft Disabled Macros

Weaponized Microsoft documents were a highly favored technique until Microsoft put the kibosh on macros in files received from the internet last year. As such, WaterISAC been tracking the various tactics threat actors have migrated to. According to Proofpoint, Microsoft’s action has resulted in a monumental shift in activity and threat behavior over the last year in a way not previously observed by threat researchers.

Read more about Threat Awareness – Threat Actors Continue Experimenting with Alternative Techniques Since Microsoft Disabled Macros

Detailed Incident Reports: What Everyone Wants, but Few are Willing to Share – Even Anonymously

-by Jennifer Lyn Walker

Read more about Detailed Incident Reports: What Everyone Wants, but Few are Willing to Share – Even Anonymously

CISA Releases White Paper Highlighting R&D Needs and Strategic Actions for Enhancing the Resilience of Critical Infrastructure

Yesterday, CISA shared the release of a new white paper on Research, Development, and Innovation for Enhancing Resilience of Cyber-Physical Critical Infrastructure: Needs and Strategic Actions.

Read more about CISA Releases White Paper Highlighting R&D Needs and Strategic Actions for Enhancing the Resilience of Critical Infrastructure

Vulnerability Awareness – New Microsoft Outlook Zero-Day Exploit Does Not Require User Action (Updated May 11, 2023)

May 11, 2023

Previously Patched Microsoft Outlook Zero-Day Can be Bypassed if New Update is not Applied

Read more about Vulnerability Awareness – New Microsoft Outlook Zero-Day Exploit Does Not Require User Action (Updated May 11, 2023)

CISA ICS Vulnerability Advisories and Alerts, Updates, and Bulletins – May 11, 2023

The Cybersecurity and Infrastructure Security Agency (CISA) has published the following ICS vulnerability advisories, as well as alerts, updates, and bulletins:

ICS Vulnerability Advisories:

Read more about CISA ICS Vulnerability Advisories and Alerts, Updates, and Bulletins – May 11, 2023

Ransomware Resilience – Report: Organizations Using Backups to Recover from Ransomware See Lower Recovery Costs

Sophos has released its The State of Ransomware 2023 report, which concludes that “independent of revenue, geography, or industry, ransomware continues to be major threat to organizations.” Sophos supports this conclusion with that fact that the number of ransomware victims whose data was encrypted by their victimizer has grown to 76 percent, the highest the report has seen since it began in 2020.

Read more about Ransomware Resilience – Report: Organizations Using Backups to Recover from Ransomware See Lower Recovery Costs

Threat Awareness – Malvertising Campaign Utilizing New Loader to Drop Aurora

Recent analysis by Malwarebytes highlights how threat actors continue leveraging malvertising in various ways to proliferate malware. Malwarebytes posted a blog discussing a recently observed advertising campaign directing victims to download a new loader labeled Invalid Printer, which later delivers Aurora malware as a payload. The attack begins as users click on a potentially risky ad, which redirects them to a full-screen browser window mimicking a Windows security update.

Read more about Threat Awareness – Malvertising Campaign Utilizing New Loader to Drop Aurora

Ransomware Preparedness – Two Years After Colonial Pipeline Attack, U.S. Critical Infrastructure Still Not Prepared for Ransomware

It’s been two years since the ransomware attack on the Colonial Pipeline, which many observers view as a watershed moment in cybersecurity. While many positive strides have been made since the attack, which CISA details in a recent blog post, other analysts argue the threat from ransomware is still growing and impacting critical infrastructure organizations.

Read more about Ransomware Preparedness – Two Years After Colonial Pipeline Attack, U.S. Critical Infrastructure Still Not Prepared for Ransomware

Joint Cybersecurity Advisory – Hunting Russian Intelligence “Snake” Malware

WaterISAC regularly provides awareness of recent CISA reporting. While direct relevance to your utility/organization on the details of each report may vary, activity alerts like this are practical for general awareness of active threats and adversary capabilities.

Read more about Joint Cybersecurity Advisory – Hunting Russian Intelligence “Snake” Malware

Security Awareness – Microsoft Phishing Attack Redirects Victims to a Catering Voice Recording

Security researchers at Cofense recently observed credential phishing campaigns that use a novel deception technique, directing victims to a voice recording that lures them into a false sense of security after they’ve provided their Microsoft credentials.

Read more about Security Awareness – Microsoft Phishing Attack Redirects Victims to a Catering Voice Recording

You are here

Cybersecurity

Threat Awareness – Threat Actors Continue Experimenting with Alternative Techniques Since Microsoft Disabled Macros

Detailed Incident Reports: What Everyone Wants, but Few are Willing to Share – Even Anonymously

CISA Releases White Paper Highlighting R&D Needs and Strategic Actions for Enhancing the Resilience of Critical Infrastructure

Vulnerability Awareness – New Microsoft Outlook Zero-Day Exploit Does Not Require User Action (Updated May 11, 2023)

CISA ICS Vulnerability Advisories and Alerts, Updates, and Bulletins – May 11, 2023

Ransomware Resilience – Report: Organizations Using Backups to Recover from Ransomware See Lower Recovery Costs

Threat Awareness – Malvertising Campaign Utilizing New Loader to Drop Aurora

Ransomware Preparedness – Two Years After Colonial Pipeline Attack, U.S. Critical Infrastructure Still Not Prepared for Ransomware

Joint Cybersecurity Advisory – Hunting Russian Intelligence “Snake” Malware

Security Awareness – Microsoft Phishing Attack Redirects Victims to a Catering Voice Recording

Pages

You are here

Cybersecurity

Pages

Footer Email Signup