Cybersecurity

WaterISAC Advisory: (TLP:CLEAR) CISA and Partners Confirm Additional Activity into Exploitation of Unitronics PLCs Across the U.S. Water and Wastewater Sector

WaterISAC would like to remind members that this activity is notable and action is urged as it highlights that we aren’t necessarily targets for who/where we are, but for what we have (data or components) and how accessible (vulnerable/exploitable) it is – regardless of the size of our organization or how many people we service.

Executive Summary

Read more about WaterISAC Advisory: (TLP:CLEAR) CISA and Partners Confirm Additional Activity into Exploitation of Unitronics PLCs Across the U.S. Water and Wastewater Sector

(TLP:CLEAR) Water Utility Control System Cyber Incident Advisory: ICS/SCADA Incident at Municipal Water Authority of Aliquippa (Updated November 30, 2023)

As WaterISAC continues to monitor for more information regarding this incident, we would like to make members aware that this may not be an isolated incident. There have been a few open source reports about additional incidents with similar characteristics having occurred at other US water and wastewater utilities. WaterISAC is currently attempting to confirm those reports.

Based on this information, as a reminder members are highly encouraged to:

Read more about (TLP:CLEAR) Water Utility Control System Cyber Incident Advisory: ICS/SCADA Incident at Municipal Water Authority of Aliquippa (Updated November 30, 2023)

Supplemental Cyber Highlights – November 30, 2023

The following posts are useful for general awareness of current threats, vulnerabilities, guidance, and other cyber-related news or updates. These resources have been curated by the WaterISAC analyst team as items of broad relevance and benefit that do not need supplemental analysis at this time.

Critical Infrastructure

Read more about Supplemental Cyber Highlights – November 30, 2023

CISA ICS Vulnerability Advisories and Alerts, Updates, and Bulletins – November 30, 2023

The Cybersecurity and Infrastructure Security Agency (CISA) has published the following ICS vulnerability advisories, as well as alerts, updates, and bulletins:

ICS Vulnerability Advisories:

CISA Releases Four Industrial Control Systems Advisories

Read more about CISA ICS Vulnerability Advisories and Alerts, Updates, and Bulletins – November 30, 2023

(TLP:CLEAR) CISA Releases Alert on Exploitation of Unitronics PLCs Used in Water and Wastewater Systems

As a follow up and in response to WaterISAC’s advisory yesterday on the incident at the Municipal Water Authority of Aliquippa, CISA just released an alert warning water and wastewater utilities of the exploitation of Unitronics PLCs.

Read more about (TLP:CLEAR) CISA Releases Alert on Exploitation of Unitronics PLCs Used in Water and Wastewater Systems

Proofpoint Report Unveils Threat of MFA Fatigue Attacks

A new Proofpoint report highlights MFA fatigue attacks, where users, bombarded by a continuous stream of MFA notifications, hastily approve requests out of frustration. Real-world examples include attacks on Uber, Cisco, and Microsoft by the Lapsus$ threat actor and underscore the prevalence and impact of these tactics.

Read more about Proofpoint Report Unveils Threat of MFA Fatigue Attacks

Microsoft Uncovers Diamond Sleet's Supply Chain Attack with LambLoad Malware

According to a new blog post by Microsoft, a North Korean-based threat actor dubbed Diamond Sleet has been observed distributing a malicious variant of a legitimate application installer developed by CyberLink Corp. to target customers in a supply chain attack. For its part, the trojanized file, which is hosted on CyberLink’s update infrastructure, includes malicious code that is designed to download, decrypt, and load a second-stage payload.

Read more about Microsoft Uncovers Diamond Sleet's Supply Chain Attack with LambLoad Malware

Supplemental Cyber Highlights – November 28, 2023

Critical Infrastructure

Read more about Supplemental Cyber Highlights – November 28, 2023

CISA ICS Vulnerability Advisories and Alerts, Updates, and Bulletins – November 28, 2023

The Cybersecurity and Infrastructure Security Agency (CISA) has published the following ICS vulnerability advisories, as well as alerts, updates, and bulletins:

ICS Vulnerability Advisories:

CISA Releases Four Industrial Control Systems Advisories

Products are used across multiple sectors, please check these latest advisories for specific equipment used across your ICS environments and address accordingly.

Read more about CISA ICS Vulnerability Advisories and Alerts, Updates, and Bulletins – November 28, 2023

CISA and UK NCSC Unveil Joint Guidelines for Secure AI System Development

CISA and the UK National Cyber Security Centre (NCSC) have announced the release of the Guidelines for Secure AI System Development. The document provides essential recommendations for AI system development and emphasizes the importance of adhering to Secure by Design principles.

Read more about CISA and UK NCSC Unveil Joint Guidelines for Secure AI System Development

You are here

Cybersecurity

WaterISAC Advisory: (TLP:CLEAR) CISA and Partners Confirm Additional Activity into Exploitation of Unitronics PLCs Across the U.S. Water and Wastewater Sector

(TLP:CLEAR) Water Utility Control System Cyber Incident Advisory: ICS/SCADA Incident at Municipal Water Authority of Aliquippa (Updated November 30, 2023)

Supplemental Cyber Highlights – November 30, 2023

CISA ICS Vulnerability Advisories and Alerts, Updates, and Bulletins – November 30, 2023

(TLP:CLEAR) CISA Releases Alert on Exploitation of Unitronics PLCs Used in Water and Wastewater Systems

Proofpoint Report Unveils Threat of MFA Fatigue Attacks

Microsoft Uncovers Diamond Sleet's Supply Chain Attack with LambLoad Malware

Supplemental Cyber Highlights – November 28, 2023

CISA ICS Vulnerability Advisories and Alerts, Updates, and Bulletins – November 28, 2023

CISA and UK NCSC Unveil Joint Guidelines for Secure AI System Development

Pages

You are here

Cybersecurity

Pages

Footer Email Signup