The following posts are useful for general awareness of current cyber threats, vulnerabilities, guidance, and other cyber-related news or updates. These resources have been curated by the WaterISAC analyst team as items of broad relevance and benefit that do not need supplemental analysis at this time.
Critical Infrastructure Resilience
The Cybersecurity and Infrastructure Security Agency (CISA) has published the following ICS security advisories, along with additional alerts, updates, and bulletins:
ICS Advisories:
Summary: The FBI has released a FLASH report to disseminate 42,000 phishing domains linked to the LabHost phishing-as-a-service (PhaaS) platform between November 2021 and April 2024. The FBI is releasing this information to maximize awareness and provide indicators of compromise that may be used for cyber defense purposes.
Summary: Google Threat Intelligence Group released an analysis covering all zero days it is aware of being exploited in 2024. They tracked 75 zero-day vulnerabilities exploited in the wild in 2024, a decrease from the number they identified in 2023 (98 vulnerabilities), but still an increase from 2022 (63 vulnerabilities). They divided the reviewed vulnerabilities into two main categories: end-user platforms and products (e.g., mobile devices, operating systems, and browsers) and enterprise-focused technologies, such as security software and appliances.
Summary: The FBI’s Internet Crime Complaint Center (IC3) released its 2024 Internet Crime Report. The report draws data from over 850,000 complaints of suspected internet crime reported to the FBI last year.
Summary: The NSA is releasing a Cybersecurity Technical Report (CTR) to share recommendations for security policies and technical requirements for operational technology (OT) smart controller devices installed in National Security Systems (NSS).
Summary: Verizon released the 18th edition of one of the most sought-after annual reports – the Data Breach Investigation Report (DBIR) – which catalogs and analyzes the past year’s trends in cyber crime and provides a comprehensive view of the global threat landscape. This year’s 100-page report covers cyber incidents and data breaches between November 1, 2023, and October 31, 2024, and includes 12,195 confirmed data breaches and 22,052 total incidents in its data set.
The following posts are useful for general awareness of current cyber threats, vulnerabilities, guidance, and other cyber-related news or updates. These resources have been curated by the WaterISAC analyst team as items of broad relevance and benefit that do not need supplemental analysis at this time.
Critical Infrastructure Resilience
The Cybersecurity and Infrastructure Security Agency (CISA) has published the following ICS security advisories, along with additional alerts, updates, and bulletins:
ICS Advisories:
The Cybersecurity and Infrastructure Security Agency (CISA) has published the following ICS security advisories, along with additional alerts, updates, and bulletins:
ICS Advisories:
1620 I Street, NW, Suite 500
Washington, DC 20006
1-866-H2O-ISAC (1-866-426-4722)
© 2025 WaterISAC. All Rights Reserved.
