The Cybersecurity and Infrastructure Security Agency (CISA) has published the following ICS vulnerability advisories, as well as alerts, updates, and bulletins:
ICS Vulnerability Advisories:
Macros have been a long time favorite of users and threat actors alike. Unfortunately, the same automation that macros afford users for efficiency and convenience have also been abused by threat actors to launch cyber attacks - most notably, Excel 4.0 XLM macros in phishing emails. Some organizations globally disable macros, but for those that have not, be advised that Microsoft will begin disabling Excel 4.0 XLM macros by default in Microsoft 365 tenants. This action is designed to protect users from the less secure macros that are still in use (and abuse) today.
While phishing continues to be one of the most common cyber attack techniques – through training and awareness – it is also one of the easiest threats to reduce the likelihood of success. In the interest of Cybersecurity Awareness Week 2, Fight the Phish, IBM’s SecurityIntelligence has a good post on how the key to fight phishing starts in the mind.
A new report by McAfee details the increasing prevalence of ransomware and cloud security threats. The study, Advanced Threat Research Report: Oct - 2021, highlights that ransomware attacks continued to increase and were one of the most prevalent forms of cyberattacks in the second quarter of 2021. In particular, the ransomware group REvil/Sodinokibi accounted for 73 percent of all ransomware detections in the second quarter, according to the report.
The Cybersecurity and Infrastructure Security Agency (CISA) has published the following ICS vulnerability advisories, as well as alerts, updates, and bulletins:
ICS Vulnerability Advisories:
The worst time to figure out what you are going to do about an incident is in the middle of the incident – cyber or physical. From fire drills to business continuity exercises, it has become standard practice for organizations to develop and drill on physical incident plans. Conversely, few organizations develop and practice cyber incident response plans, despite the endless barrage of cyber attacks. Organizations with an effective cyber incident response plan will limit damage and reduce recovery time and costs of a cyber incident or attack.
The Cybersecurity and Infrastructure Security Agency (CISA) has published the following ICS vulnerability advisories, as well as alerts, updates, and bulletins:
ICS Vulnerability Advisories:
Business email compromise (BEC) attacks cost organizations millions of dollars every year and there are no signs of them abating any time soon. In addition, executive level (C-suite) email accounts are witnessing significant numbers of attacks and their network privileges are making defensive measures more challenging. As such, there are a few simple cyber hygiene measures organizations can implement to protect themselves and mitigate further attacks. First, executives should receive role-based awareness training for recognizing suspicious emails.
A new advanced persistent threat (APT) actor, known as ChamelGang, has been observed targeting aviation and energy companies in Russia and government organizations in at least nine other countries. The threat actor has not been linked to any existing APT and its nationality is unknown. ChamelGang was first detected after it breached a Russian energy firm, which was followed by the APT’s identification by the cybersecurity company Positive Technologies (PT).
1620 I Street, NW, Suite 500
Washington, DC 20006
1-866-H2O-ISAC (1-866-426-4722)
© 2025 WaterISAC. All Rights Reserved.
