The Cybersecurity and Infrastructure Security Agency (CISA) has published the following ICS vulnerability advisories, as well as alerts, updates, and bulletins:
ICS Vulnerability Advisories:
Alerts, Updates, and Bulletins:
On Tuesday, Microsoft’s security researchers published a report detailing a massive phishing-as-a-service campaign known as BulletProofLink. Phishing-as-a-Service offerings, or phishing kits, arm even the most novice threat actors with sophisticated platforms to launch widespread phishing campaigns with little more than a computer and a few hundred dollars. Researchers at Microsoft discovered this operation while investigating a separate phishing operation.
Approximately 100,000 Windows users worldwide have had their credentials leaked due to a flaw in the Microsoft Exchange Autodiscover feature. The Autodiscover feature is used by Microsoft Exchange to automatically configure a user’s email client with their organization’s predefined mail settings. After a user enters their credentials into an email client, the program attempts to authenticate to multiple Exchange Autodiscover URLs. It’s during this process that clear-text credentials could be routed to third-party untrusted websites to be collected.
The Cybersecurity and Infrastructure Security Agency (CISA), the FBI, and the NSA have released a Joint Cybersecurity Advisory (CSA) on the Conti ransomware, noting they have observed the increased use of this malware in attacks. The advisory contains technical details on the malware; it also maps the malware’s techniques to the MITRE ATT&CK framework. Additionally, it discusses mitigation measures to reduce the risk of compromise by the Conti ransomware.
The Cybersecurity and Infrastructure Security Agency (CISA) has published the following ICS vulnerability advisories, as well as alerts, updates, and bulletins:
ICS Vulnerability Advisories:
Alerts, Updates, and Bulletins:
Microsoft’s Active Directory (AD) service is rife with potential risk factors providing threat actors with multiple avenues of exploitation. The cybersecurity firm Mandiant reported that 90 percent of the breaches they surveyed exploited AD vulnerabilities. Topping the list of fixable AD vulnerabilities is inadequate authentication security. One of the most pervasive issues is corporate applications allowing users anonymous access to AD.
Trend Micro released its midyear review on cybersecurity threats detected in 2021 thus far. The study, Attacks From All Angles: 2021 Midyear Cybersecurity Report, covers Trend’s observations across ransomware, technical vulnerabilities, the impacts from the pandemic, and more. The report asserts that almost 41 billion threats were identified and blocked in the first six months of this year. Ransomware operations decreased from 14 million in the first half of 2020 to over 7 million during the same period this year.
Ransomware resilience is more than just having validated backups to use to restore your systems after a ransomware attack, patching has a lot to do with it too. A security researcher has compiled no less than forty-three (at the time of this writing) technical vulnerabilities across multiple products that ransomware actors are actively exploiting on unpatched devices.
Amid the continued upward trend in ransomware attacks, the U.S Treasury issued a bulletin this morning that begins proposed actions of levying sanctions against cryptocurrency exchanges, wallets, and traders utilized by ransomware groups. At the behest of the Biden Administration, today’s actions include the Department of the Treasury’s Office of Foreign Assets Control’s (OFAC) designation of SUEX OTC, S.R.O.
The Cybersecurity and Infrastructure Security Agency (CISA) has published the following ICS vulnerability advisories, as well as alerts, updates, and bulletins:
ICS Vulnerability Advisories:
Alerts, Updates, and Bulletins:
1620 I Street, NW, Suite 500
Washington, DC 20006
1-866-H2O-ISAC (1-866-426-4722)
© 2025 WaterISAC. All Rights Reserved.
