Cybersecurity

BEC Overtakes Ransomware and Data Breaches in Cyber Insurance Claims

According to insurance company AIG, business email compromise (BEC) has overtaken ransomware and data breaches as the main reason companies filed a cyber-insurance claim. According to statistics the company published in July for the EMEA (Europe, the Middle East, and Asia) region, BEC-related insurance filings accounted for nearly a quarter (23%) of all cyber-insurance claims the company received in 2018.

Datalogic AV7000 Linear Barcode Scanner (ICSA-19-239-02)

The NCCIC has published an advisory on an authentication bypass using an alternate path or channel vulnerability in Datalogic AV7000 Linear Barcode Scanner. All versions prior to 4.6.0.0 are affected. Successful exploitation of this vulnerability could allow a remote attacker to bypass authentication through issues in the HTTP authentication process. Datalogic reports that a new version of the firmware was released to mitigate the reported vulnerability. The NCCIC also recommends a series of measures to mitigate the vulnerability.

Delta Controls enteliBUS Controllers (ICSA-19-239-01)

The NCCIC has published an advisory on a buffer overflow vulnerability in enteliBUS Controllers. Multiple products and versions of these products are affected. Successful exploitation of this vulnerability could allow an attacker on the same network to gain complete control of the device’s operating system and allow remote code execution. Delta Controls recommends users upgrade from enteliBUS 3.40 firmware to Version 3.40 R6 build 612850. Additionally, Delta Controls states it is important that buildings are updated to the 3.40 R6 release to mitigate risk.

15 Cybersecurity Fundamentals Revisited – #1 Perform Asset Inventories

The ongoing process of asset management is foundational for assessing, prioritizing, and managing risk across the entire organization. Without knowing what assets you have, there is nothing meaningful to inform other risk management programs such as vulnerability management, governance, incident response, etc. WaterISAC's 15 Cybersecurity Fundamentals for Water and Wastewater Utilities discusses the importance of including asset characteristics beyond just a list of devices for a comprehensive inventory record.

15 Cybersecurity Fundamentals Refresher – #4 Enforce User Access Controls

When internet giants Microsoft and Google cite bold statistics about stopping more than 99% of automated attacks by using multifactor authentication (MFA), it is probably a good idea to heed their advice. According to Alex Weinert, Group Program Manager for Identity Security and Protection at Microsoft, based on their studies, accounts are more than 99.9% less likely to be compromised when using MFA.

15 Cybersecurity Fundamentals Refresher – #10 Implement Threat Detection and Monitoring

If you are not monitoring network activity, you will not detect an attack when it happens. Without the ability to detect threats within your environment, adversaries will go unnoticed. According to numerous findings by CISA during its cybersecurity assessments, while most organizations enable logging, many fail to aggregate relevant logs to a centralized log management system or SIEM (security information and event management) for correlation and analysis.

Security Awareness – New Phishing Campaign Detected in National Grid Utilities

Phishing defense firm Cofense has observed a new phishing campaign targeting national grid utility infrastructure. The new campaign includes what appears to be a PDF attachment but is actually a JPG file with an embedded malicious hyperlink directing users to a malicious webpage that downloads Adwind RAT (also known as jRAT, AlienSpy, JSocket, etc.). Adwind RAT evades most antivirus and antimalware detection and foils sandbox analysis.

Cyber Insurance – You Better Shop Around

Cyber insurance policies are not new, but until recent years they lacked maturity. While cyber insurance is still evolving, it is becoming a necessity in cybersecurity resilience strategy. Cisco Talos Intelligence Group published a post covering some key points all businesses should know about cyber insurance. It is important to understand that not all cyber policies are created equal, and it is likely no two policies are the same. Cyber policies are not plug ’n play like traditional vehicle insurance policies and each policy is customized on a case-by-case basis.

CISA’s Insights on the Ransomware Outbreak

The U.S. Department of Homeland Security Cybersecurity and Infrastructure Security Agency (CISA) has published a one-page document addressing considerations in light of the outbreak of ransomware attacks against the nation’s networks. CISA observes that the ransomware infections being reported and discussed in the news are just part of the picture, as many more incidents are not being disclosed.
