
Cybersecurity

FBI FLASH: FIN7 Cyber Actors Target US Businesses Through USB Keystroke Injection Attacks

The FBI has published a TLP:GREEN FLASH warning that FIN7 cyber actors are targeting U.S. businesses through USB keystroke injection attacks. The FLASH indicates that since November 2021, the cyber criminal group FIN7 has been observed targeting the U.S. defense industry with a package containing a fraudulent thank-you letter, a counterfeit Amazon gift card, and a USB device.

Cybersecurity Tips for a Hybrid Workforce

As we enter another year of the pandemic, having employees work both from home and in the office has become the norm across many industries. This hybrid work model greatly increases the attack surface for threat actors to exploit. Thus, the beginning of the new year, when many reevaluate organizational strategies, may be a good time to review existing cyber defenses with regard to the hybrid work environment. Email and enterprise-grade tools/applications could be a good place to start.

Situational Awareness – Microsoft Releases Emergency Windows Server Update

This week, Microsoft issued an out-of-band (OOB) update to resolve Remote Desktop issues affecting Windows Server products. While this is not a security update, it is notable for utilities relying on Remote Desktop that might be experiencing performance issues. According to Microsoft, users “might experience a black screen, slow sign in, or general slowness. You might also be unable to use Remote Desktop to reach the server. In some circumstances, the server might stop responding.” As of January 5, Microsoft released OOB updates for all Windows Server versions.

APT Victims – Size Doesn’t Matter

Most Advanced Persistent Threat (APT) groups are not focused on the size of an organization, but on whether an organization can help them achieve their objective. That objective might be espionage or sabotage, and it is the significance of the organization toward accomplishing the objective, not its size, that matters. As a matter of fact, APT groups often leverage smaller targets such as supply chain partners or vendors as an entry point to larger attacks.

Security Awareness Reminders – New Year’s Cyber Hygiene Resolutions

2021 saw several significant cyber attacks and incidents, many of which may have been prevented by following a few basic cybersecurity best practices. Thus, in the spirit of New Year’s resolutions, cybersecurity firm ESET drafted a list of ten cybersecurity bad practices to break for 2022. This list is reminiscent of the Bad Practices Catalog that CISA started last year and includes common bad habits to break such as using outdated software, poor password hygiene, and not thinking before clicking.
