The Cybersecurity and Infrastructure Security Agency (CISA) has published the following ICS vulnerability advisories, as well as alerts, updates, and bulletins:
ICS Vulnerability Advisories:
CISA Releases One Industrial Control Systems Advisory
Products are used across multiple sectors, please check these latest advisories for specific equipment used across your ICS environments and address accordingly.
Fortinet has posted a blog discussing Google’s launch of the .zip Top Level Domain and the challenges that presents for network defenders.
SC Magazine has written an article discussing the unprecedented scope of the MOVEit vulnerability’s exploitation by criminal threat actors, especially the Cl0p ransomware group. Nearly 370 organizations have either been identified as victims by Cl0p or have confirmed that they were victims themselves.
The following posts are useful for general awareness of current threats, vulnerabilities, guidance, and other cyber-related news or updates. These resources have been curated by the WaterISAC analyst team as items of broad relevance and benefit that do not need supplemental analysis at this time.
ICS/OT/SCADA Cybersecurity
The Cybersecurity and Infrastructure Security Agency (CISA) has published the following ICS vulnerability advisories, as well as alerts, updates, and bulletins:
ICS Vulnerability Advisories:
CISA Releases Seven Industrial Control Systems Advisories
Products are used across multiple sectors, please check these latest advisories for specific equipment used across your ICS environments and address accordingly.
The following posts are useful for general awareness of current threats, vulnerabilities, guidance, and other cyber-related news or updates. These resources have been curated by the WaterISAC analyst team as items of broad relevance and benefit that do not need supplemental analysis at this time.
CISA has developed and published a factsheet, Free Tools for Cloud Environments, to help organizations transitioning into a cloud environment identify the proper tools and techniques necessary for the protection of critical assets and data security.
Check Point has written a blog covering its recent analysis of global cyber attack statistics and findings that Q2 of 2023 saw the highest number of average weekly cyber attacks in 2 years. Globally, this translates to organizations having faced an average of 1258 attacks per week, an 8 percent increase overall.
The following posts are useful for general awareness of current threats, vulnerabilities, guidance, and other cyber-related news or updates. These resources have been curated by the WaterISAC analyst team as items of broad relevance and benefit that do not need supplemental analysis at this time.
ICS/OT – Vulnerabilities, Threats & Risks
It’s been no secret that the March 3, 2023 EPA memo on Addressing PWS Cybersecurity in Sanitary Surveys or an Alternate Process has been challenged from the beginning and has faced legal opposition. Yesterday, the U.S. Court of Appeals for the 8th Circuit in St. Louis granted a stay of the memo, thus temporarily suspending the current EPA guidance.
Note: WaterISAC does not maintain a position on this action, we are providing this development for your awareness.
Relevant coverage:
1620 I Street, NW, Suite 500
Washington, DC 20006
1-866-H2O-ISAC (1-866-426-4722)
© 2025 WaterISAC. All Rights Reserved.
