Tom Kellermann, CSO of cybersecurity firm Carbon Black, recently published a whitepaper defining what he calls the Cognitive Attack Loop where he suggests it is time for a paradigm shift away from Lockheed Martin’s Cyber Kill Chain for cybersecurity defense.
The Center for Internet Security (CIS) reminds partners to properly dispose of old or unused data and devices in its July 2019 newsletter. Without careful management of online accounts, cloud storage, physical storage, and electronic devices, users could inadvertently disclose sensitive information that can be exploited by cyber criminals. CIS is home to the Multi-State Information Sharing & Analysis Center (MS-ISAC), a WaterISAC partner focused on cyber threat prevention, protection, response, and recovery for U.S. state, local, tribal, and territorial government entities.
The NCCIC has published an advisory on numerous types of vulnerabilities in Prima Systems FlexAir. Versions 2.3.38 and prior are affected. Exploitation of these vulnerabilities may allow an attacker to execute commands directly on the operating system, upload malicious files, perform actions with administrative privileges, execute arbitrary code in a user’s browser, discover login credentials, bypass normal authentication, and have full system access. Prima Systems has released Version 2.5.12 to fix these issues.
Analysis performed of domains used by Fortune 500 companies, U.S. government agencies, and other major organizations reveal nearly 80 percent don’t use DMARC, or Domain-based Message Authentication, Reporting & Conformance. It is a protocol that works on top of email servers that already support the Sender Policy Framework (SPF) and DomainKeys Identified Mail (DKIM). It lets email server administrators put policies in place that can detect when an incoming email is lying about its real "From:" address.
Last Friday marked the third anniversary of the “No More Ransom” initiative that has helped more than 200,000 victims of ransomware recover their files free of charge since it was first launched in July 2016. The initiative is a public-private partnership, which includes Europol’s European Cybercrime Centre (EC3), that offers the victims of ransomware an alternative solution to losing their files or having to pay the demanded money to the criminals.
The Cybersecurity and Infrastructure Security Agency (CISA) is aware of vulnerabilities affecting multiple Virtual Private Network (VPN) applications. A remote attacker could exploit these vulnerabilities to take control of an affected system. CISA encourages administrators to review the following security advisories and apply the necessary updates.
The U.S. Department of Homeland Security Cybersecurity and Infrastructure Security Agency (CISA) and the Multi-State ISAC (MS-ISAC), both WaterISAC partners, have joined with the National Governors Association and the National Association of State Chief Information Officers in releasing a statement recommending state and local governments take immediate action to safeguard against ransomware attacks.
Business email compromise (BEC) scammers are now targeting company customers using a new indirect attack method designed to collect information on future scam targets by asking for aging reports from collections personnel. Aging reports, also known as a schedule of accounts receivable, are sets of outstanding invoices which allow a company's financial department to keep track of customers who haven't yet paid services or goods.
The National Cyber Security Alliance (NCSA) has announced the theme for this year’s National Cybersecurity Awareness Month (NCSAM), which is recognized every October. With the overarching theme of “Own IT. Secure IT. Protect IT.,” the NCSA says NCSAM 2019 will focus on encouraging personal accountability and proactive behavior in security best practices and digital privacy and draw attention to careers in cybersecurity. As it has in past years, WaterISAC will distribute its own messaging using the NCSAM theme.
The NCCIC has published an advisory on improper restriction of XML external entity reference and uncontrolled resource consumption vulnerabilities in Mitsubishi Electric FR Configurator2. Versions 1.16S and prior are affected. Successful exploitation of these vulnerabilities may enable arbitrary files to be read or cause a denial-of-service condition. Mitsubishi Electric has released Version 1.17T for the reported vulnerabilities. The NCCIC also advises of a series of measures for mitigating the vulnerabilities.
1620 I Street, NW, Suite 500
Washington, DC 20006
1-866-H2O-ISAC (1-866-426-4722)
© 2025 WaterISAC. All Rights Reserved.
