The Cybersecurity and Infrastructure Security Agency (CISA) has published the following ICS vulnerability advisories, as well as alerts, updates, and bulletins:
ICS Vulnerability Advisories:
Security researchers at Advanced Intelligence (AdvIntel) believe threat actors associated with TrickBot malware have partnered with the Conti ransomware gang, according to a recent report. TrickBot is a highly modular, multi-stage malware that has been active since 2016. TrickBot has survived a takedown attempt and helped relaunch the Emotet malware.
The Cybersecurity and Infrastructure Security Agency (CISA) has compiled and published a list of free cybersecurity services and tools to help organizations reduce cybersecurity risk and strengthen resiliency. Before reviewing the free tools and services, CISA strongly recommends organizations take specific foundational measures to implement a strong cybersecurity program.
The Cybersecurity and Infrastructure Security Agency (CISA) has published the following ICS vulnerability advisories, as well as alerts, updates, and bulletins:
ICS Vulnerability Advisories:
The FBI has published a Public Service Announcement (PSA) regarding the increasing practice of Business Email Compromise (BEC) in conjunction with virtual meeting platforms to commit fraud against companies and their employees.
The Cybersecurity and Infrastructure Security Agency (CISA) has published the following ICS vulnerability advisories, as well as alerts, updates, and bulletins:
ICS Vulnerability Advisories:
Alerts, Updates, and Bulletins:
The Cybersecurity and Infrastructure Security Agency (CISA), the FBI, and the National Security Agency (NSA) have released a joint Cybersecurity Advisory (AA22-047A) highlighting ongoing targeting of U.S. cleared defense contractors (CDCs) by Russian state-sponsored cyber actors.
Threat actors have been observed compromising Microsoft Team accounts to access the chat feature and then propagate malware to users in the chat, according to security researchers at Avanan. These attacks start with the threat actor uploading an executable file called “User Centric” to fool the user into executing it on their system. This issue may be exacerbated by the lack of robust security protection in Teams, including the lack of file scanning. Given the widespread use and inherent trust of Teams, users are likely to open files that have been shared.
The practice of working from home has been a blessing and a curse for many, but according to a recent survey, working remotely may be increasing digital anxiety among workers. Analysis from cybersecurity firm F-Secure reveals that 67 percent of remote workers reported they increasingly worry about their online security and privacy. This is not totally surprising, given that before working from home most individuals expected someone at their company to ensure their cybersecurity and data privacy.
The Cybersecurity and Infrastructure Security Agency (CISA) has published the following ICS vulnerability advisories, as well as alerts, updates, and bulletins:
ICS Vulnerability Advisories:
Alerts, Updates, and Bulletins:
1620 I Street, NW, Suite 500
Washington, DC 20006
1-866-H2O-ISAC (1-866-426-4722)
© 2025 WaterISAC. All Rights Reserved.
