Cybersecurity

Report – Verizon’s 2024 Data Breach Investigations Report (DBIR)

Verizon released its 2024 Verizon Data Breach Investigations Report yesterday, the 17th edition of one of the most sought-after annual reports – the DBIR – which catalogs and analyzes the past year’s trends in cyber crime and provides a comprehensive view of the global threat landscape. This year’s 100-page report covers cyber incidents and data breaches between November 1, 2022, and October 31, 2023, and includes a record 10,626 confirmed data breaches and 30,500 total incidents in its data set.

Read more about Report – Verizon’s 2024 Data Breach Investigations Report (DBIR)

CISA ICS Vulnerability Advisories and Alerts, Updates, and Bulletins – May 2, 2024

CISA ICS Vulnerability Advisories and Alerts, Updates, and Bulletins – May 2, 2024

The Cybersecurity and Infrastructure Security Agency (CISA) has published the following ICS vulnerability advisories, as well as alerts, updates, and bulletins:

ICS Vulnerability Advisories:

CISA Releases Three Industrial Control Systems Advisories

Read more about CISA ICS Vulnerability Advisories and Alerts, Updates, and Bulletins – May 2, 2024

Supplemental Cyber Highlights – April 30, 2024

The following posts are useful for general awareness of current cyber threats, vulnerabilities, guidance, and other cyber-related news or updates. These resources have been curated by the WaterISAC analyst team as items of broad relevance and benefit that do not need supplemental analysis at this time.

Critical Infrastructure

Read more about Supplemental Cyber Highlights – April 30, 2024

General Awareness: Opinion Piece on “America’s small-town water systems are global cyber targets. Is your city next?”

WaterISAC is providing this for your awareness only.

Read more about General Awareness: Opinion Piece on “America’s small-town water systems are global cyber targets. Is your city next?”

Cyber Resilience During National Small Business Week

As part of National Small Business Week, CISA is sharing practical steps to secure your environment against cyber attacks. As small businesses often don’t have the resources to invest in cybersecurity, they become a target for cyber criminals.

Read more about Cyber Resilience During National Small Business Week

CISA ICS Vulnerability Advisories and Alerts, Updates, and Bulletins – April 30, 2024

CISA ICS Vulnerability Advisories and Alerts, Updates, and Bulletins – April 30, 2024

The Cybersecurity and Infrastructure Security Agency (CISA) has published the following ICS vulnerability advisories, as well as alerts, updates, and bulletins:

ICS Vulnerability Advisories:

CISA Releases Three Industrial Control Systems Advisories

Read more about CISA ICS Vulnerability Advisories and Alerts, Updates, and Bulletins – April 30, 2024

Supplemental Cyber Highlights – April 25, 2024

Critical Infrastructure

Read more about Supplemental Cyber Highlights – April 25, 2024

Report – Behavioral Patterns of Ransomware Groups are Changing According to the GRIT 2024 Ransomware Report

GuidePoint Security’s GRIT Q1 2024 Ransomware Report observes major shifts in the behavioral patterns of ransomware groups following law enforcement activity. According to the report, Q1 closed with a significant year-over-year increase in both the number of reported ransomware victims and the number of overall ransomware groups.

Read more about Report – Behavioral Patterns of Ransomware Groups are Changing According to the GRIT 2024 Ransomware Report

IT-ISAC Report – Exploring the Depths: An Analysis of the 2023 Ransomware Landscape and Insights for 2024

The Information Technology – Information Sharing and Analysis Center (IT-ISAC) recently released a ransomware report titled Exploring the Depths: An analysis of the 2023 Ransomware Landscape and Insights for 2024 (see attached). The report uses data drawn from open-source sites, the dark web, member input, and information shared between National Council of ISAC members. The IT-ISAC tracked 18 new ransomware groups in 2023 and highlights how new ransomware strains continue to emerge despite recent law enforcement efforts.

Key takeaways from the report include:

Read more about IT-ISAC Report – Exploring the Depths: An Analysis of the 2023 Ransomware Landscape and Insights for 2024

Vulnerability Awareness – Cisco Patches Two Zero-days Exploiting Firewall Platforms

Given widespread use of Cisco ASA and FTD, WaterISAC is emphasizing these vulnerabilities for awareness. Members using impacted Cisco ASA devices and FTD software are strongly encouraged to address promptly.

Yesterday, Cisco released security updates to address ArcaneDoor—exploitation of Cisco Adaptive Security Appliances (ASA) devices and Cisco Firepower Threat Defense (FTD) software. A cyber threat actor could exploit vulnerabilities (CVE-2024-20353, CVE-2024-20359, CVE-2024-20358) to install a backdoor to later take control of an affected system.

Read more about Vulnerability Awareness – Cisco Patches Two Zero-days Exploiting Firewall Platforms

You are here

Cybersecurity

Report – Verizon’s 2024 Data Breach Investigations Report (DBIR)

CISA ICS Vulnerability Advisories and Alerts, Updates, and Bulletins – May 2, 2024

Supplemental Cyber Highlights – April 30, 2024

General Awareness: Opinion Piece on “America’s small-town water systems are global cyber targets. Is your city next?”

Cyber Resilience During National Small Business Week

CISA ICS Vulnerability Advisories and Alerts, Updates, and Bulletins – April 30, 2024

Supplemental Cyber Highlights – April 25, 2024

Report – Behavioral Patterns of Ransomware Groups are Changing According to the GRIT 2024 Ransomware Report

IT-ISAC Report – Exploring the Depths: An Analysis of the 2023 Ransomware Landscape and Insights for 2024

Vulnerability Awareness – Cisco Patches Two Zero-days Exploiting Firewall Platforms

Pages

You are here

Cybersecurity

Pages

Footer Email Signup