The Cybersecurity and Infrastructure Security Agency (CISA) has published the following ICS security advisories, along with additional alerts, updates, and bulletins:
ICS Advisories:
Additional Alerts, Updates, and Bulletins
The following posts are useful for general awareness of current cyber threats, vulnerabilities, guidance, and other cyber-related news or updates. These resources have been curated by the WaterISAC analyst team as items of broad relevance and benefit that do not need supplemental analysis at this time.
Critical Infrastructure Resilience
In a recent blog post, Nitin Natarajan, Deputy Director at CISA, highlighted the threat to U.S. critical infrastructure by nation-state and cybercriminal organizations around the globe. The world has witnessed increasingly frequent attacks against small and medium sized businesses, including K-12 schools, water utilities, and healthcare organizations over the last several years. Natarajan notes that these specific sectors are at elevated risk as they are generally seen as highly profitable “target-rich, cyber poor” organizations.
This week, the White House launched the U.S. Cyber Trust Mark, an initiative allowing consumers of internet-connected devices to verify if these devices are secure. The FCC decided in a bipartisan and unanimous vote to authorize the U.S. Cyber Trust Mark and adopt final rules for the official label that will be applied to certified products.
Yesterday, Ivanti released security updates for two vulnerabilities affecting multiple products, including Ivanti Connect Secure, Ivanti Policy Secure, and Ivanti Neurons for Zero Trust Access (ZTA) gateway.
The extent of the Salt Typhoon Campaign targeting telecommunications continues to unfold as additional communications companies have been allegedly breached. Charter Communications, Consolidated Communications, and Windstream have all been reportedly breached by the Chinese attackers. Ann Neuberger, White House deputy national security adviser for cyber and emerging technologies, said that nine U.S.
Over the weekend, industrial networking communications provider Moxa sent a security advisory warning of two high-severity vulnerabilities that impact various models of its cellular routers, secure routers, and network security appliances.
The following posts are useful for general awareness of current cyber threats, vulnerabilities, guidance, and other cyber-related news or updates. These resources have been curated by the WaterISAC analyst team as items of broad relevance and benefit that do not need supplemental analysis at this time.
Critical Infrastructure Resilience
The Cybersecurity and Infrastructure Security Agency (CISA) has published the following ICS security advisories, along with additional alerts, updates, and bulletins:
ICS Advisories:
Barracuda Networks recently analyzed the threats facing the water and wastewater sector and highlighted a number of challenges for U.S. water and wastewater utilities. Based on previous and recent EPA reporting, Barracuda assessed that a significant number of the 152,000 public drinking water systems in the U.S.
1620 I Street, NW, Suite 500
Washington, DC 20006
1-866-H2O-ISAC (1-866-426-4722)
© 2025 WaterISAC. All Rights Reserved.
