It’s October! And while many are thinking pumpkin spice and everything nice, in the cybersecurity realm October has become synonymous with National Cybersecurity Awareness Month (NCSAM). But given cyber is a part of everyday life and a cost of doing business, NCSAM isn’t just for cybersecurity, it’s for everybody. Cybersecurity is a shared responsibility among all people.
In honor of National Cybersecurity Awareness Month (NCSAM), WaterISAC will cover each of our 15 Cybersecurity Fundamentals during the month of October. We dubbed the series, ‘15 Cybersecurity Fundamentals Awareness Month’ (15CFAM). The goal of 15CFAM is to provide reminders along with additional resources not previously included in the current guide. Members can track ongoing posts through the Resource Center on our portal with the ‘15CFAM’ tag.
The U.S. Department of Homeland Security Cybersecurity and Infrastructure Security Agency (CISA) has published an alert providing specific Chinese government and affiliated cyber threat actor tactics, techniques, and procedures (TTPs) and recommended mitigations In light of heightened tensions between the U.S. and China. CISA is providing this information to assist in the protection of the nation’s critical infrastructure. In addition to recommendations listed in the mitigations section of the alert, CISA recommends organizations take the following actions:
The U.S. Department of Homeland Security Cybersecurity and Infrastructure Security Agency (CISA) and the Multi-State Information Sharing and Analysis Center (MS-ISAC) have jointly published the Ransomware Guide, which details practices organizations should engage in to help manage the risk posed by ransomware. The guide consist of two parts, with the first providing best practices to prevent attacks and the second consisting of a response checklist.
The U.S. Department of Homeland Security Cybersecurity and Infrastructure Security Agency (CISA) has released the Telework Essentials Toolkit, a comprehensive resource of telework best practices. The Toolkit provides three personalized modules for executive leaders, IT professionals, and teleworkers. Each module outlines distinctive security considerations appropriate for their role:
The U.S. Department of Homeland Security Cybersecurity and Infrastructure Security Agency (CISA) has published an analysis report on a recent threat actor’s cyber attack on a federal agency’s enterprise network.
CISA has published an advisory on SQL injection, cross-site request forgery, and command injection vulnerabilities in MB connect line mbCONNECT24 and mymbCONNECT 24. For both products, versions 2.6.1 and prior are affected. Successful exploitation of these vulnerabilities could allow a remote attacker to gain unauthorized access to arbitrary information or allow remote code execution. MB connect line recommends users update mymbCONNECT24 and mbCONNECT24 to Version 2.6.2 or higher. CISA also recommends a series of measures to mitigate the vulnerabilities.
CISA has published an advisory on path traversal, uncontrolled resource consumption, information exposure, improper authentication, and information disclosure vulnerabilities in B&R Automation SiteManager and GateManager. Numerous versions of these products are affected. Successful exploitation of these vulnerabilities could allow for arbitrary information disclosure, manipulation, and a denial-of-service condition. B&R Industrial Automation reports the vulnerabilities have been fixed in other versions. CISA also recommends a series of measures to mitigate the vulnerabilities.
CISA has published an advisory on a buffer copy without checking size of input vulnerability in Yokogawa WideField3. WideField3 R1.01 – R4.-3 are affected. Successful exploitation of this vulnerability could terminate the program abnormally. Yokogawa has prepared revision R4.04 to address this vulnerability and recommends that users switch to this revision. CISA also recommends a series of measures to mitigate the vulnerability. Read the advisory at CISA.
They say “knowledge is power.” Therefore, knowing what assets you have, knowing where your vulnerabilities are (and fixing them), and knowing how to handle an incident and respond when your assets are compromised and vulnerabilities are exploited would seem to be a powerful advantage in cyber risk management. We know these are not the only programs for a successful ICS cyber risk management strategy, but one could argue they are foundational.
1620 I Street, NW, Suite 500
Washington, DC 20006
1-866-H2O-ISAC (1-866-426-4722)
© 2025 WaterISAC. All Rights Reserved.
