The National Security Agency (NSA) has released an information sheet with guidance on securing wireless devices while in public. This information sheet provides information on malicious techniques used by cyber actors to target wireless devices and ways to protect against it.
The Cybersecurity and Infrastructure Security Agency (CISA) has published the following ICS vulnerability advisories, as well as alerts, updates, and bulletins:
ICS Vulnerability Advisories:
As if ransomware distribution wasn’t effective enough, LockBit 2.0 reportedly has a new feature to keep an eye on. According to researchers, a new version of LockBit 2.0 leverages Active Directory group policies to automate the encryption process. Once actors have gained control of a domain controller, they deploy group policies to:
A Joint Cybersecurity Advisory on the Top Routinely Exploited Vulnerabilities (AA21-209A) was released yesterday. The advisory, coauthored by the U.S. Cybersecurity and Infrastructure Security Agency (CISA), the Australian Cyber Security Centre (ACSC), the United Kingdom’s National Cyber Security Centre (NCSC), and the U.S.
The Cybersecurity and Infrastructure Security Agency (CISA) has published the following ICS vulnerability advisories, as well as alerts, updates, and bulletins:
ICS Vulnerability Advisories:
Europol announces it has launched a new version of its “No More Ransom” website, where visitors can find 121 free tools to decrypt 151 ransomware families. Now in its fifth year, Europol notes the repository has helped more than six million people recover their files for free. Europol also says the revamped website has been modernized and made to be more user-friendly.
The U.K.’s National Cyber Security Centre (NCSC) has launched its “Zero Trust Architecture Design Principles,” providing guidance to help entities design and review a zero trust architecture that meets their unique requirements.
Microsoft has published guidance for mitigating “PetitPotam,” which is described as a classic NTLM Relay Attack that exploits a security flaw in the Windows operating system. If successfully exploited, it forces remote Windows servers to authenticate with an attacker and share NTLM authentication details or authentication certificates.
The Cybersecurity and Infrastructure Security Agency (CISA) has published the following ICS vulnerability advisories, as well as alerts, updates, and bulletins:
ICS Vulnerability Advisories:
Alerts, Updates, and Bulletins:
July 21, 2021
The Cybersecurity and Infrastructure Security Agency (CISA) updated the Tactics, Techniques, and Procedures of Indicted APT40 Actors Associated with China’s MSS Hainan State Security Department advisory with a caveat providing clarification on the original indicators of compromise (page 7).
July 19, 2021
1620 I Street, NW, Suite 500
Washington, DC 20006
1-866-H2O-ISAC (1-866-426-4722)
© 2025 WaterISAC. All Rights Reserved.
