Cybersecurity

EU Parliament Calls Kaspersky “Confirmed as Malicious,” Recommends Ban

On June 13, the European Union (EU) Parliament passed a resolution characterizing Kaspersky as “confirmed as malicious.” While the resolution is not a ban or legally binding, it does recommend banning the company from information technology used throughout the EU. The vote signals the newest wave of challenges to the company from nations. In September 2017, the U.S.

Schneider Electric U.motion Builder (ICSA-18-163-01) – Product Used in the Energy Sector

The NCCIC has released an advisory on command injection, cross-site scripting, and improper input validation vulnerabilities in Schneider Electric U.motion Builder. Versions prior to 1.3.4 are affected. Successful exploitation of these vulnerabilities could allow remote code execution. Schneider Electric has released firmware update Version 1.3.4, which includes fixes for these vulnerabilities.

Federal Authorities Announce Coordinated Effort to Disrupt BEC Schemes, Warn Partners of Pervasive Threat

Yesterday, the U.S. Department of Justice (DOJ) announced the culmination of “Operation Wire Wire,” a significant coordinated effort by federal departments and agencies to disrupt Business Email Compromise (BEC) schemes. Operation Wire Wire resulted in 74 arrests in the U.S. and overseas, the seizure of nearly $2.4 million, and the disruption and recovery of approximately $14 million in fraudulent wire transfers. BEC is a sophisticated scam that targets employees with access to company finances.

Google's Proactive Announcement to Changes of Portal Login Page Still Warrants Measure of Caution

On June 14, 2018, Google will roll out a new G Suite sign-in page and wants users to be aware of the upcoming subtle changes to avoid confusion; G Suite users should familiarize themselves with the new look. There is no doubt Google’s announcement is a positive step to alleviate concern from users thinking they have landed on a phishing page.

Wi-Fi Phishing Attacks Discovered Around Atlanta City Hall After Ransomware Attack

As the city of Atlanta continues to recover from the epic ransomware incident that occurred in March, security researchers have discovered a rash of active Wi-Fi phishing attacks around Atlanta City Hall and the Georgia State Capitol Building. As the prolonged aftermath of the SamSam ransomware attack plagues Atlanta, malicious actors seek ways to gain unauthorized access to the city's computer systems through phishing for valuable user credentials.

Rockwell Automation RSLinx Classic and FactoryTalk Linx Gateway (ICSA-18-158-01) – Products Used in the Water and Wastewater and Energy Sectors

The NCCIC has released an advisory on an unquoted search path or element vulnerability in Rockwell RSLinx Classic and FactoryTalk Linx Gateway. Versions 3.90.01 and prior of the former product and versions 3.90.00 and prior of the latter product are affected. Successful exploitation of this vulnerability could allow an authorized, but non-privileged local user to execute arbitrary code and allow a threat actor to escalate user privileges on the affected workstation. Rockwell Automation recommends all users update to new versions of RSLinx Classic and FactoryTalk Linx Gateway.

CRASHOVERRIDE Activity Expands – Reportedly Targeted Water and Wastewater Sector Organizations

Recent public research indicates the group responsible for the CRASHOVERRIDE (a.k.a., Industroyer) malware used to disrupt the Ukrainian electric grid in 2016 is expanding its target set, reportedly to include organizations in the water and wastewater sector. Additionally, the group is no longer solely geographically focused on targets within the Ukraine.

Basic Cyber Defense – Using the Cyber Kill Chain to Educate Users and Protect Endpoints

The original "Cyber Kill Chain," developed by Lockheed Martin, identifies seven steps adversaries perform to compromise networks and accomplish an objective. TechRepublic posted an article offering basic end-user awareness or endpoint-focused defense actions at each step of the Cyber Kill Chain to stop malicious actors from achieving their ultimate goal.
