November 21, 2023
Today, an update was issued for CISA's and the FBI's joint Cybersecurity Advisory (CSA) on Scattered Spider. The updates are included in the mitigation strategies section of the product. The updated CSA is posted below.
November 16, 2023
In response to cyber attacks that have intensified in both volume and impact and the vulnerabilities within the nation’s critical infrastructure, CISA has announced the beginning a new pilot program that is focused on certain sectors. The water and wastewater sector is among them and can expect to be offered “cutting-edge” cybersecurity services, such as CISA’s Protective Domain Name System (DNS) Resolver.
Today, CISA, the FBI, the Multi-State Information Sharing & Analysis Center (MS-ISAC), and the Australian Signals Directorate’s Australian Cyber Security Center (ASD’s ACSC) released a joint Cybersecurity Advisory (CSA), #StopRansomware: LockBit Ransomware Affiliates Exploit CVE 2023-4966 Citrix Bleed Vulnerability (along with an accompanying analysis report MAR-10478915-1.v1 Citrix Bleed), in response to LockBit 3.0 ransomware affiliates and multiple threat actor groups exploiting CVE-2023-4966.
A critical vulnerability (CVE-2023-43177) in CrushFTP allows hackers to access files, execute code, and steal passwords. Although a fix was issued in version 10.5.2, a recent public exploit by Converge demands immediate updates for CrushFTP users. This exploit lets attackers read, delete files, and potentially gain total control over systems using specific web ports and functions in CrushFTP.
The following posts are useful for general awareness of current threats, vulnerabilities, guidance, and other cyber-related news or updates. These resources have been curated by the WaterISAC analyst team as items of broad relevance and benefit that do not need supplemental analysis at this time.
Critical Infrastructure
Yesterday, CISA, the FBI, and the Multi-State Information Sharing and Analysis Center (MS-ISAC) released a joint Cybersecurity Advisory (CSA), “#StopRansomware: Rhysida Ransomware”, to provide network defenders with known Rhysida ransomware indicators of compromise (IOCs), detection methods, and tactics, techniques, and procedures (TTPs) identified through investigations as recently as September 2023.
The Cybersecurity and Infrastructure Security Agency (CISA) has published the following ICS vulnerability advisories, as well as alerts, updates, and bulletins:
ICS Vulnerability Advisories:
CISA Releases Fourteen Industrial Control Systems Advisories
This week, CISA released its Roadmap for Artificial Intelligence—in alignment with White House Executive Order 14110: Safe, Secu
The following posts are useful for general awareness of current threats, vulnerabilities, guidance, and other cyber-related news or updates. These resources have been curated by the WaterISAC analyst team as items of broad relevance and benefit that do not need supplemental analysis at this time.
Critical Infrastructure
1620 I Street, NW, Suite 500
Washington, DC 20006
1-866-H2O-ISAC (1-866-426-4722)
© 2025 WaterISAC. All Rights Reserved.
