Yesterday, CISA, the FBI, and MS-ISAC released a joint Cybersecurity Advisory (CSA) concerning the successful exploitation of a .NET deserialization vulnerability in the Progress Telerik user interface (UI) software (CVE-2019-18935). Successful exploitation of the vulnerability provided threat actors with remote code execution capabilities on a federal network.
Today, CISA, the FBI, and MS-ISAC released a joint Cybersecurity Advisory (CSA) to provide network defenders with known LockBit 3.0 ransomware indicators of compromise (IOCs) and tactics, techniques, and procedures (TTPs) identified through FBI investigations as recently as March 2023.
The Cybersecurity and Infrastructure Security Agency (CISA) has published the following ICS vulnerability advisories, as well as alerts, updates, and bulletins:
ICS Vulnerability Advisories:
Cloudflare has released a list of the top 50 brands that phishing URLs impersonate in an effort to make employees more aware of which types of emails in their inbox they should be most skeptical. The top five brands include AT&T Inc., Paypal, Microsoft, DHL, and Facebook.
The NSA has released a Cybersecurity Information Sheet titled “Advancing Zero Trust Maturity throughout the User Pillar” that provides recommendations for maturing identity, credential and access management (ICAM) capabilities. Noting the increased trend in threat actors targeting users and user accounts, the NSA promotes the use of the Zero Trust framework by organizations looking to achieve a more maturity cybersecurity posture.
The Cybersecurity and Infrastructure Security Agency (CISA) has published the following ICS vulnerability advisories, as well as alerts, updates, and bulletins:
ICS Vulnerability Advisories:
The FBI’s Internet Crime Complaint Center (IC3) recently published its 2022 Internet Crime Report. The study draws data from 800,944 complaints of suspected internet crime reported to the FBI last year.
CISA has announced the establishment of the Ransomware Vulnerability Warning Pilot (RVWP). Through the RVWP, CISA will determine vulnerabilities commonly associated with known ransomware exploitation and warn critical infrastructure entities of those vulnerabilities.
Industrial Cyber has written an article discussing the importance of critical infrastructure protection through the lens of four industry experts, including WaterISAC’s director of infrastructure cyber defense Jennifer Lyn Walker and Health-ISAC’s president and CEO Denise Anderson.
Action may be Required: Tomorrow (March 14, 2023), it will no longer be possible to disable the Microsoft DCOM hardening patch. This could result in the disruption of critical communications between ICS/SCADA/OT devices.
In other words, if ICS/OT/SCADA devices suddenly stop communicating after applying the Microsoft DCOM patch from March 14, 2023, it may be practical to consider this as a possible cause during your troubleshooting efforts.
1620 I Street, NW, Suite 500
Washington, DC 20006
1-866-H2O-ISAC (1-866-426-4722)
© 2025 WaterISAC. All Rights Reserved.
