The Cybersecurity and Infrastructure Security Agency (CISA) has published an advisory on the release of Spring updates that address the remote code execution (RCE) vulnerability CVE-2022-22965, also known as “Spring4Shell.” Cloud Function versions 3.1.7 and 3.2.3 and Spring Framework versions 5.3.18 and 5.2.20 are available on the Spring by VMWare blog.
Security researchers have identified a new remote access trojan (RAT) malware, dubbed Borat, available on criminal marketplaces which allows threat actors to deploy ransomware, conduct DDoS attacks, user account control (UAC) bypass, and more. It is unknown if Borat is sold or shared for free among cyber criminals, but researchers note the malware is distributed as a highly modular comprehensive package allowing criminals to mix and match technical exploits that can be tailored for targeted attacks.
The Cybersecurity and Infrastructure Security Agency (CISA) has published the following ICS vulnerability advisories, as well as alerts, updates, and bulletins:
ICS Vulnerability Advisories:
Alerts, Updates, and Bulletins:
This week, the FBI announced another global law enforcement operation that successfully disrupted Business Email Compromise (BEC) schemes. BEC scams typically target employees of businesses that make payments via wire transfers. These fraudsters usually gain access to a company’s email accounts or spoof their email addresses to send legitimate sounding and well-timed requests for wire transfers, according to the FBI. Over a three-month period, the FBI conducted Operation Eagle Sweep, where they arrested 65 suspected BEC fraudsters in the U.S. and overseas.
Today is World Backup Day and in honor of this celebration WaterISAC is reminding all members of the importance of keeping multiple secure backups to ensure the security and resilience of their data and technical operations. One of the most efficient methods for backing up your data is the “3-2-1” approach. The first part entails maintaining three separate copies of the data, one is the original version and the other two serve as backups. Second, two backup copies should be stored on different types of media, such as an external thumb drive, tape drive, or cloud infrastructure.
The FBI has published a TLP:WHITE Private Industry Notification (PIN) warning that ransomware attacks are straining local U.S. governments and public services. The FBI has been tracking cyber actors conducting ransomware attacks on local government agencies that have resulted in disrupted operational services, risks to public safety, and financial losses. Based on victim incident reporting, the Government Facilities Sector (GSF) was the second highest victimized sector of ransomware attacks, between January and December 2021.
Over the past couple of days a developing situation regarding a remote code execution (RCE) vulnerability in Java’s Spring Framework has been surrounded with hype and rumors. Given the confusion, here are a few points and resources to explain.
Despite the seemingly sensationalized and similar nickname, until more is known, this vulnerability is not assessed to be as serious as “log4shell.” However, given this is an RCE vulnerability, utilities are encouraged to have their system administrators review available information and assess impact within your environment.
The Cybersecurity and Infrastructure Security Agency (CISA) has published the following ICS vulnerability advisories, as well as alerts, updates, and bulletins:
ICS Vulnerability Advisories:
Act Now: Members are urged to address this information with the utmost scrutiny and timeliness.
Threat actors continue leveraging the U.S. tax season across multiple campaigns to scam unsuspecting victims. Last week, WaterISAC reported on a tax-themed phishing campaign that led to Emotet infections.
1620 I Street, NW, Suite 500
Washington, DC 20006
1-866-H2O-ISAC (1-866-426-4722)
© 2025 WaterISAC. All Rights Reserved.
