
Cybersecurity

ICS/OT Vulnerability Management – Claroty Report Highlights Upward Trend of Disclosed ICS Vulnerabilities

Vulnerability management is at the core of every cybersecurity program. While managing vulnerabilities in control system environments is challenging for a variety of reasons, it is still necessary. Adding to the challenge, if it seems that disclosures of vulnerabilities impacting ICS/OT have been more frequent than usual this year, they have.

CISA Provides Recommendations for Protecting against Information from Ransomware-caused Data Breaches

The Cybersecurity and Infrastructure Security Agency (CISA) has released the fact sheet Protecting Sensitive and Personal Information from Ransomware-Caused Data Breaches to address the increase in malicious cyber actors using ransomware to exfiltrate data and then threatening to sell or leak the exfiltrated data if the victim does not pay the ransom. As CISA notes, these data breaches, often involving sensitive or personal information, can cause financial loss to the victim organization and erode customer trust.

Conti Ransomware Steals Cyber Insurance Policy Data

While your cyber insurance policy may help alleviate some of the financial costs associated with a ransomware attack, researchers at Advanced Intelligence explain how details of the policy could also be used against you. Recently leaked training material reveals how Conti ransomware attackers exploit legitimate software to gain access to a network and search for cyber insurance policies.

New Ponemon Study Finds the Annual Cost of Phishing Scams Has More Than Tripled Since 2015

A new study from the Ponemon Institute finds that the financial costs incurred from phishing scams have significantly increased over the past six years. The report, titled The Ponemon 2021 Cost of Phishing Study, concludes the average annual cost of a phishing scam in 2021 is approximately $15 million for a 9,600-employee organization, or around $1,500 per employee. The study also highlights that the inability of organizations to contain malware is one factor behind the increasing cost of phishing attacks.

Phishing campaign leverages legit DocuSign email notifications

Cybercriminals are now leveraging legitimate document signature service platforms to conduct phishing scams, according to recent reports. In this campaign, cybercriminals are utilizing free accounts from the cloud-based DocuSign service to trick email recipients into clicking on links that introduce malware into their systems and networks. Although researchers debate the novelty of this tactic, they all agree that these attacks are becoming more prevalent.

Ransomware Gang Uses PrintNightmare to Breach Windows Servers

Ransomware groups are reportedly utilizing the PrintNightmare vulnerabilities to gain access to Windows devices. Currently, the Magniber ransomware gang is the only known threat group exploiting the PrintNightmare vulnerability. Magniber has been active since October 2017, and while most of the current victims appear to be in South Korea, the widespread use of Windows Print Spooler and the challenges in mitigating the vulnerability make this a threat to track.

Identifying and Reporting Data Breaches

In today’s digitally interconnected global community, almost every organization will experience a data breach at some point. Data breaches come in many forms and include: data accessed by an unauthorized third party, theft of login data, loss of an electronic device, and confidential data distributed to a mailing list. In 2020, more than 37 billion records were exposed at an average cost of $3.86 million per breach.
