The Cybersecurity and Infrastructure Security Agency (CISA) has published the following ICS vulnerability advisories, as well as alerts, updates, and bulletins:
ICS Vulnerability Advisories:
As cybersecurity threats continue to proliferate in today’s increasingly interconnected world, it is imperative to generate new strategies for confronting this dynamic threat. For example, before crafting new cyber policies, it is important to understand the bottlenecks impacting your current cybersecurity practices. Likewise, cyber defense isn’t always about technology controls and strategies. Sometimes it may be necessary to address our cultural mindsets from being reactive to proactive through cooperation, communication, and initiative.
Justifying cybersecurity spending is an age-old challenge. Those of us who came through the technology ranks are quite familiar with being a “cost” center and not a money maker. But technology grew to where the many benefits and cost savings to productivity and other facets can be measured.
Prior to this publishing, you may already be aware of the recent Apple security updates released to patch against exploits being attributed to the NSO Group’s Pegasus spyware. According to CitizenLab, the exploit, dubbed FORCEDENTRY has been leveraged since at least February 2021 and is tracked as CVE-2021-30860. CitizenLab describes FORCEDENTRY as a zero-day, zero-click exploit against iMessage that could lead to arbitrary code execution by processing a maliciously crafted PDF. Reuters states it more plainly as, the vulnerability lies in how iMessage automatically renders images.
The Cybersecurity and Infrastructure Security Agency (CISA) has published the following ICS vulnerability advisories, as well as alerts, updates, and bulletins:
ICS Vulnerability Advisories:
Attention: If your utility uses Fortinet FortiOS SSL VPNs, you are encouraged to review this activity and address accordingly, especially if you haven’t applied security updates since 2018. WaterISAC has previously advised members of active exploitation of the vulnerability referenced in this post (CVE-2018-13379) and urged members to address older patches for Fortinet devices – see (Fortinet
The ransomware group REvil has just reappeared after going offline shortly after its attack on Kaseya over the July 4th weekend. REvil is responsible for some of the most disruptive ransomware attacks. For example, in June, REvil targeted Brazil’s JBS SA, one of the world’s largest meat suppliers. In July, REvil exploited a zero-day vulnerability in the Kaseya VSA remote management software to encrypt approximately 60 managed service providers (MSPs) and more than 1,500 of its clients. Shortly after these high-profile attacks, REvil’s online infrastructure went dark for no apparent reason.
Attention: Given widespread use of Microsoft Windows and Office applications that potentially use this component, system administrators are encouraged to review available advisories for CVE-2021-40444 and address accordingly for impacted systems within their environment. CISA has posted a current activity report, Microsoft Releases Mitigations and Workarounds for CVE-2021-40444.
The Cybersecurity and Infrastructure Security Agency (CISA) has published the following ICS vulnerability advisories, as well as alerts, updates, and bulletins:
ICS Vulnerability Advisories:
Alerts, Updates, and Bulletins:
A recent cybersecurity report found that organizations frequently miss the warning signs associated with an insider threat. The study, The State of Insider Threats 2021: Behavioral Awareness & Visibility Remain Elusive, surveyed 1,249 cyber professionals and utilized their responses along with thousands of past insider threat investigations and incidents to formulate its results.
1620 I Street, NW, Suite 500
Washington, DC 20006
1-866-H2O-ISAC (1-866-426-4722)
© 2025 WaterISAC. All Rights Reserved.
