The Cybersecurity and Infrastructure Security Agency (CISA) has published the following ICS vulnerability advisories, as well as alerts, updates, and bulletins:
ICS Vulnerability Advisories:
In light of increased malicious cyber activity and the common tactic of actors deploying attacks when staffing is thin, the White House and CISA are offering tips for critical infrastructure and other businesses during the holiday season.
A December 16, 2021 White House memo to the business community offered several recommendations:
If you utilize UKG (formerly Kronos) for human resources needs (e.g. payroll, time and attendance, etc.), you are aware of the ransomware incident that befell them on December 11 that affected the Kronos Private Cloud (KPC). Likewise, if you weren’t already convinced how a cyber incident on one of your vendors/partners could have direct negative impact on your internal operations, you are now. Hopefully, the impacted organizations had effective business continuity processes in place to react to this outage that Kronos expects to last several weeks.
WaterISAC convened its monthly Water Sector Cyber Threat Briefing on December 15. WaterISAC Director of Infrastructure Cyber Defense Jennifer Lyn Walker presented.
Multiple Australian organizations have been impacted by Conti ransomware attacks in November and December 2021, according to the Australian Cyber Security Centre (ACSC). The ransomware attacks have occurred across multiple sectors, such as electric utilities and healthcare. According to an ACSC advisory, “Victims have received demands for ransom payments.
Security researchers at Microsoft have broken down the attack chain of the Qbot malware into distinct “building blocks,” to help defenders understand and ultimately thwart the various tactics threat actors employ to infiltrate and then deploy the Qbot malware. Qbot is a widespread Windows malware cyber criminals use to steal credentials, propagate to other systems and networks, and provide remote access to ransomware groups. Qbot usually spreads via phishing campaigns or by another malware infection.
Yesterday, WaterISAC sent a general advisory regarding the Log4j (CVE-2021-44228) vulnerability. Given the ubiquitous use of the Log4j Java logging library and ease and severity of exploitation, members are encouraged to review and take immediate action to assess the impact and address any vulnerability within their environments.
The Cybersecurity and Infrastructure Security Agency (CISA) has published the following ICS vulnerability advisories, as well as alerts, updates, and bulletins:
ICS Vulnerability Advisories:
Alerts, Updates, and Bulletins:
The Cybersecurity and Infrastructure Security Agency (CISA) has published the following ICS vulnerability advisories, as well as alerts, updates, and bulletins:
ICS Vulnerability Advisories:
Alerts, Updates, and Bulletins:
Since last month’s re-emergence of Emotet – Everybody’s Email Enemy #1 – we’ve observed its rekindling with Trickbot to spread and propensity for proliferating ransomware attacks. However, the last 10 months since its global takedown effort appear to have been time well-spent for the malware as it has come up with some new tricks.
1620 I Street, NW, Suite 500
Washington, DC 20006
1-866-H2O-ISAC (1-866-426-4722)
© 2025 WaterISAC. All Rights Reserved.
