Unit 42 published its 2024 Incident Response Report yesterday which includes incident data from over 250 organizations and more than 600 incidents. The report provides a unique perspective into the latest threat tactics being used by attackers and provides helpful resources and methods for effective defense.
Cofense, a leading cybersecurity firm in email security, recently released its 2024 Annual State of Email Security Report. The report reveals emerging trends in the email threat landscape, such as an increase in various phishing tactics. Most notable, the report indicates a significant (37%) increase in malicious emails that are bypassing secure email gateways (SEGs) over last year, and an overwhelming 310% increase since 2021.
The following posts are useful for general awareness of current cyber threats, vulnerabilities, guidance, and other cyber-related news or updates. These resources have been curated by the WaterISAC analyst team as items of broad relevance and benefit that do not need supplemental analysis at this time.
Critical Infrastructure
The U.S. EPA OIG issued a fraud alert (attached) to highlight the all-too-common and costly form of phishing known as business email compromise (BEC). In this convincing scam, criminals are using fraudulent emails that appear to come from known and trusted sources to access company email accounts and target organizations that make or receive financial transactions. These emails may originate from lookalike, or spoofed, email accounts or legitimate email accounts compromised through phishing campaigns.
CISA recently shared its “Cybersecurity Emotions” series detailing social engineering tactics that threat actors often use when implementing various tactics against organizations and internet facing users. Organizations can add CISA’s “Cybersecurity Emotions” to security awareness training as each of the “emotions” are effectively described and explained giving relatable real-world understanding of these tactics and helping users learn the basics of “cyber hygiene.”
Dragos published its 2023 OT Cybersecurity Year in Review today. In its seventh iteration, this comprehensive report contains the latest threat intelligence on adversary activity targeting OT environments, industrial risk of ransomware, the state of OT vulnerabilities, and more. Dragos shares predominate insights, poignant lessons learned, and proactive recommendations in this annual data-driven analysis of ICS/OT focused cyber threats and vulnerabilities.
In a joint operation known as “Operation Cronos,” international law enforcement partners collaborated in efforts to disrupt the notorious ransomware group known as LockBit. The U.S. Department of Justice Office of Public Affairs has issued a press release announcing the disruption of the gang along with indictment charges against two Russian nationals.
A banner on LockBit’s data leak website reads:
CISA ICS Vulnerability Advisories and Alerts, Updates, and Bulletins – February 20, 2024
The Cybersecurity and Infrastructure Security Agency (CISA) has published the following ICS vulnerability advisories, as well as alerts, updates, and bulletins:
ICS Vulnerability Advisories:
The following posts are useful for general awareness of current cyber threats, vulnerabilities, guidance, and other cyber-related news or updates. These resources have been curated by the WaterISAC analyst team as items of broad relevance and benefit that do not need supplemental analysis at this time.
Critical Infrastructure
CISA ICS Vulnerability Advisories and Alerts, Updates, and Bulletins – February 15, 2024
The Cybersecurity and Infrastructure Security Agency (CISA) has published the following ICS vulnerability advisories, as well as alerts, updates, and bulletins:
ICS Vulnerability Advisories:
1620 I Street, NW, Suite 500
Washington, DC 20006
1-866-H2O-ISAC (1-866-426-4722)
© 2025 WaterISAC. All Rights Reserved.
