The Dutch National Cyber Security Centre (NCSC) has released a fact sheet on the increasing difficulty of Domain Name System (DNS) monitoring. NCSC warns that although modernization of transport protocols is helpful, it also makes it more difficult to monitor or modify DNS requests. These changes could render an organization’s security controls ineffective.
The US National Security Agency (NSA) and the UK National Cyber Security Centre (NCSC) have released advisories on advanced persistent threat (APT) actors exploiting multiple vulnerabilities in Virtual Private Network (VPN) applications, specifically those produced by Pulse Connect Secure, Fortinet, and Palo Alto Networks. According to the advisories, a remote attacker could exploit these vulnerabilities to take control of an affected system.
To mark the beginning of National Cybersecurity Awareness Month (NCSAM), the FBI has published an article discussing the gravity of cybersecurity challenges and providing tips and links to resources to help organizations confront the threats.
The FBI’s Internet Crime Complaint Center (IC3) has released a Public Service Announcement (PSA) regarding the constantly evolving ransomware threat. According to the PSA, ransomware attacks are becoming more targeted, sophisticated, and costly, even as the overall frequency of attacks remains consistent. Since early 2018, the incidence of broad, indiscriminate ransomware campaigns has sharply declined, but the losses from ransomware attacks have increased significantly, according to complaints received by IC3 and FBI case information.
WaterISAC Lead Analyst Chuck Egli has written an article for the California Water Environment Association (CWEA) encouraging employees do their part to prevent cyber incidents at their utilities on the occasion of National Cybersecurity Awareness Month (NCSAM). Chuck highlights some of the actions employees should take given this year’s NCSAM theme of “Own IT. Secure IT. Protect IT.” These include measures for staying safe on social media, being prepared to spot and avoid phishing emails, and using WiFi in a secure manner.
Last Thursday, Acting Director of National Intelligence Joseph Maguire testified that cyber threats are the most significant risks the nation faces. “We do face significant threats, I’d say No. 1 is not necessarily kinetic, it’s cyber, this is a cyber war,” Maguire said while testifying before the House Intelligence Community, his first appearance before the body. Maguire made these comments after being asked by Representative Will Hurd what he saw as the “greatest threats” to the country in his capacity as leader of the intelligence community.
Exim has released a security update to address a vulnerability affecting Exim versions 4.92 to 4.92.2. A remote attacker could exploit this vulnerability to take control of an affected email server. CISA encourages users and administrators to review the Exim CVE-2019-16928 page and upgrade to Exim 4.92.3. Read the advisory at CISA.
The Multi-State Information Sharing and Analysis Center (MS-ISAC) – a WaterISAC partner – has published an advisory on a vulnerability in PHP, a programming language originally designed for use in web-based applications with HTML content. According to MS-ISAC, this vulnerability could allow an attacker to execute arbitrary code. Depending on the privileges associated with the application, an attacker could install programs; view, change, or delete data; or create new accounts with full user rights. Failed exploitation could result in a denial-of-service condition.
CISA has published an advisory on an unquoted search path or element vulnerability in several Yokogawa products. Numerous products and versions of these products are affected. Successful exploitation of this vulnerability could allow a local attacker to execute malicious files. Yokogawa has provided countermeasures for the vulnerability in each of the affected products. CISA has also provided a series of measures for mitigating this vulnerability. Read the advisory at CISA.
CISA has published an advisory on improper input validation and improper access control vulnerabilities in Moxa EDR 810. Versions 5.1 and prior are affected. Successful exploitation of these vulnerabilities could allow remote code execution or access to sensitive information. Moxa recommends users update to the latest firmware, v5.2, or later. CISA has also provided a series of measures for mitigating this vulnerability. Read the advisory at CISA.
1620 I Street, NW, Suite 500
Washington, DC 20006
1-866-H2O-ISAC (1-866-426-4722)
© 2025 WaterISAC. All Rights Reserved.
