The Cybersecurity and Infrastructure Security Agency (CISA) has published the following ICS vulnerability advisories, as well as alerts, updates, and bulletins:
ICS Vulnerability Advisories:
Alerts, Updates, and Bulletins:
Ransomware attacks continued to be a significant threat to industrial organizations and infrastructure with threat actors employing old and novel tactics to compromise victims, according to Dragos’ most recent first quarter of 2023 Industrial Ransomware Analysis report.
The Cybersecurity and Infrastructure Security Agency (CISA) has published the following ICS vulnerability advisories, as well as alerts, updates, and bulletins:
ICS Vulnerability Advisories:
Alerts, Updates, and Bulletins:
The Cybersecurity and Infrastructure Security Agency (CISA) has announced plans to develop and establish Logging Made Easy (LME) tool, a service originally developed and maintained by the United Kingdom’s National Cyber Security Centre (NCSC-UK) until March 31, 2023.
Microsoft has posted a blog providing details on Mint Sandstorm, a threat actor group previously labeled PHOSPHORUS and who is believed to be associated with the Islamic Revolutionary Guard Corps, the intelligence arm of Iran’s military. Over the past year, the group has shifted from network reconnaissance activities to actively targeting U.S. critical infrastructure, including the energy, transportation systems, and chemical sectors.
The Cybersecurity and Infrastructure Security Agency (CISA) has published the following ICS vulnerability advisories, as well as alerts, updates, and bulletins:
ICS Vulnerability Advisories:
Qbot malware is once again propagating by exploiting companies email chains, allowing the threat actors behind the malware to compromise more victims and conduct other malicious activities, according to security researchers at Kaspersky.
Yesterday, CISA released the Software Bill of Materials (SBOM) Sharing Lifecycle Report to the cybersecurity and supply chain community.
WaterISAC continues to expand its list of Champions with Luminary Automation, Cybersecurity and Engineering, LLC (Luminary A.C.E.). Luminary A.C.E. is a certified minority-owned and veteran-owned cybersecurity consulting, technology, and engineering firm. They act as a vendor-neutral strategic partner for water and wastewater utilities by assessing, implementing, and managing OT infrastructure to increase operational resilience and cybersecurity readiness.
Help Net Security has written an article discussing the merits of wargaming to help build well-practiced data breach response processes. The author argues that drilling a wide variety of “what if” scenarios is an effective way for security teams to add new annexes to their existing incident response playbooks, as well as practice emergency communications in a risk-free environment.
1620 I Street, NW, Suite 500
Washington, DC 20006
1-866-H2O-ISAC (1-866-426-4722)
© 2025 WaterISAC. All Rights Reserved.
