Threat actors are exploiting Microsoft Edge’s News Feed to conduct a malvertising campaign by injecting online advertisements and redirecting potential victims to websites pushing tech support scams, according to security researchers at Malwarebytes. This campaign has been ongoing for at least two months and is currently one of the most extensive operations based on the amount of telemetry noise.
The Cybersecurity and Infrastructure Security Agency (CISA) has published the following ICS vulnerability advisories, as well as alerts, updates, and bulletins:
ICS Vulnerability Advisories:
On September 13, 2022, CISA posted an Industrial Control System Advisory (ICSA-22-256-04) regarding Kingspan TMS300 CS water tank management system – provided in WaterISAC’s CISA ICS Vulnerability Advisories and Alerts, Updates, and Bulletins - September 13, 2022.
Threat actors are exploiting the death of Queen Elizabeth II in brand impersonation phishing attacks to steal victims’ Microsoft account credentials, according to security researchers at Proofpoint. The phishing email purports to be from Microsoft and invites recipients to an “artificial technology hub” in the Queen’s honor. The social engineering tactic includes baiting the recipient to open the link so they can sign an online memory board in honor of the Queen.
The Australian Cyber Security Centre (ACSC) recently released an updated version of its Information Security Manual (ISM). The purpose of the ISM is to outline a cybersecurity framework that organizations can apply, using a risk management framework to protect information and systems from cyber threats. The ISM is intended for both executives and network defenders.
Yesterday, the Cybersecurity and Infrastructure Security Agency (CISA), the FBI, the National Security Agency (NSA), U.S. Cyber Command Cyber National Mission Force, the U.S. Department of the Treasury, the Australian Cyber Security Centre (ACSC), the Canadian Centre for Cyber Security (CCCS), and the United Kingdom’s National Cyber Security Centre (NCSC) published a joint Cybersecurity Advisory (CSA) to highlight continued malicious cyber activity by advanced persistent threat (APT) actors affiliated with the Iranian Government’s Islamic Revolutionary Guard Corps (IRGC).
The Cybersecurity and Infrastructure Security Agency (CISA) has published the following ICS vulnerability advisories, as well as alerts, updates, and bulletins:
ICS Vulnerability Advisories:
Business email compromise (BEC) and vendor email compromise (VEC) are accurately and often discussed as impersonation-style cyber attacks where threat actors purport to be someone we have an existing trust relationship with. The intent of this ruse is to give phishing ploys a level of credibility to increase the chance of success. Some impersonation-style attacks are little more than amateurs attempting to spoof a trusted sender.
The Cybersecurity and Infrastructure Security Agency (CISA) has published the following ICS vulnerability advisories, as well as alerts, updates, and bulletins:
ICS Vulnerability Advisories:
Threat Actors could exploit GIFs in Microsoft Teams to conduct phishing attacks, exfiltrate data, bypass security controls, and perform command execution via a novel attack technique dubbed “GIFShell.” The new attack technique chains together multiple security vulnerabilities in Microsoft Teams to compromise potential victims.
1620 I Street, NW, Suite 500
Washington, DC 20006
1-866-H2O-ISAC (1-866-426-4722)
© 2025 WaterISAC. All Rights Reserved.
