The Cybersecurity and Infrastructure Security Agency (CISA) has published the following ICS security advisories, along with additional alerts, updates, and bulletins:
ICS Advisories:
In recent incidents, CISA has observed that malicious cyber actors have obtained system configuration files by exploiting available protocols or software on devices, including the misuse of the legacy Cisco Smart Install feature.
The following posts are useful for general awareness of current cyber threats, vulnerabilities, guidance, and other cyber-related news or updates. These resources have been curated by the WaterISAC analyst team as items of broad relevance and benefit that do not need supplemental analysis at this time.
Critical Infrastructure
Recent research conducted by Censys, an internet intelligence platform, provides an extensive analysis of the exposure of industrial control systems (ICS), discovering over 40,000 vulnerable ICS devices in the U.S. alone. Excluding building control and automation protocols, there are approximately 18,000 exposed devices likely controlling critical industrial systems. Additionally, nearly half of the human-machine interfaces (HMIs) associated with water and wastewater systems were found to be vulnerable to manipulation without requiring any authentication.
Today, CISA and the FBI jointly published “Secure by Demand Guide: How Software Customers Can Drive a Secure Technology Ecosystem.” The guide is designed to help organizations drive a secure technology ecosystem by ensuring their software manufacturers prioritize secure technology from the start.
The FBI and CISA recently published an update to the joint Cybersecurity Advisory “#StopRansomware: Royal Ransomware.” The updated advisory provides network defenders with recent and historically observed tactics, techniques, and procedures (TTPs) and indicators of compromise (IOCs) associated with BlackSuit variants (previously Royal). FBI investigations identified these TTPs and IOCs as recently as July 2024.
The Cybersecurity and Infrastructure Security Agency (CISA) has published the following ICS security advisories, along with additional alerts, updates, and bulletins:
ICS Advisories:
The Cybersecurity and Infrastructure Security Agency (CISA) has published the following ICS security advisories, along with additional alerts, updates, and bulletins:
ICS Advisories:
The following posts are useful for general awareness of current cyber threats, vulnerabilities, guidance, and other cyber-related news or updates. These resources have been curated by the WaterISAC analyst team as items of broad relevance and benefit that do not need supplemental analysis at this time.
Critical Infrastructure
DigiCert, a leading certificate authority (CA), began revoking thousands of SSL/TLS certificates due to a recently identified domain validation flaw. On July 29, the company informed its customers of the urgent need to revoke these certificates, citing strict compliance requirements set by the CA/Browser Forum (CABF). Initially, it was estimated that about 0.4% of validations were impacted; however, further discussions revealed that more than 83,000 certificates and over 6,800 subscribers were affected.
1620 I Street, NW, Suite 500
Washington, DC 20006
1-866-H2O-ISAC (1-866-426-4722)
© 2025 WaterISAC. All Rights Reserved.
