Ransomware Group Files SEC Complaint: Vigilante Report or Blackmail, What’s Next?
by Jennifer Lyn Walker
H2OSecCon 2025- a virtual security event for the water sector - happening May 20th. Register Now!
Cybersecurity
CISA and ACSC Release Business Continuity in a Box Product
Yesterday, CISA and the Australian Cyber Security Centre (ACSC) jointly published Business Continuity in a Box. This product, developed by ACSC with contributions from CISA, aims to assist small to medium-sized organizations with swiftly and securely standing up critical business functions during or following a cyber incident.
Joint Cybersecurity Advisory – #StopRansomware: Royal Ransomware (Updated November 14, 2023)
November 14, 2023
The FBI and CISA recently published an update to the joint Cybersecurity Advisory “#StopRansomware: Royal Ransomware.” The updated advisory provides network defenders with additional information on tactics, techniques, and procedures (TTPs) and indicators of compromise (IOCs) associated with Royal ransomware variants. FBI investigations identified these TTPs and IOCs as recently as June 2023.
Supplemental Cyber Highlights – November 14, 2023
The following posts are useful for general awareness of current threats, vulnerabilities, guidance, and other cyber-related news or updates. These resources have been curated by the WaterISAC analyst team as items of broad relevance and benefit that do not need supplemental analysis at this time.
Critical Infrastructure Resilience
CISA ICS Vulnerability Advisories and Alerts, Updates, and Bulletins – November 14, 2023
The Cybersecurity and Infrastructure Security Agency (CISA) has published the following ICS vulnerability advisories, as well as alerts, updates, and bulletins:
ICS Vulnerability Advisories:
CISA Releases Two Industrial Control Systems Advisories
Products are used across multiple sectors, please check these latest advisories for specific equipment used across your ICS environments and address accordingly.
CISA: Expansion of the Secure Tomorrow Series Toolkit Now Available
CISA has released the latest Secure Tomorrow Series Toolkit, a diverse array of interactive products to empower critical infrastructure stakeholders on how to use strategic foresight methods to identify and mitigate emerging risks.
Supplemental Cyber Highlights – November 9, 2023
The following posts are useful for general awareness of current threats, vulnerabilities, guidance, and other cyber-related news or updates. These resources have been curated by the WaterISAC analyst team as items of broad relevance and benefit that do not need supplemental analysis at this time.
Critical Infrastructure Resilience
CISA ICS Vulnerability Advisories and Alerts, Updates, and Bulletins – November 9, 2023
The Cybersecurity and Infrastructure Security Agency (CISA) has published the following ICS vulnerability advisories, as well as alerts, updates, and bulletins:
ICS Vulnerability Advisories:
CISA Releases Four Industrial Control Systems Advisories
Products are used across multiple sectors, please check these latest advisories for specific equipment used across your ICS environments and address accordingly.
FEMA and CISA Release Joint Guidance on Planning Considerations for Cyber Incidents
FEMA and CISA have released the joint guide Planning Considerations for Cyber Incidents: Guidance for Emergency Managers to provide state, local, tribal, and territorial (SLTT) emergency managers with foundational knowledge of cyber incidents to increase cyber preparedness efforts in their jurisdictions.
Cyber Warfare and Disinformation - Future Attacks Heightened Amid Israel-Hamas Conflict (Updated November 7, 2023)
November 7, 2023
In 2021, Anonymous declared a cyber war against Russia after the Ukraine invasion, with similar tactics seen in the Israel-Hamas conflict. While global cybersecurity has improved over 19 months (about 1 and a half years), U.S. companies still face persistent threats:
Pages
