The Cybersecurity and Infrastructure Security Agency (CISA) has published the following ICS vulnerability advisories, as well as alerts, updates, and bulletins:
ICS Vulnerability Advisories:
CISA Releases Two Industrial Control Systems Advisories
Products are used across multiple sectors, please check these latest advisories for specific equipment used across your ICS environments and address accordingly.
Phishing continues to be one of the primary methods of attacks used by cyber criminals. Proofpoint’s latest “State of the Phish” report found that 84% of organizations around the world experienced at least one successful phishing attack in 2022. More than half (54%) of organizations reported facing three or more of these attacks.
A group of cyber criminals, tracked as “Smishing Triad,” is conducting a large-scale smishing (SMS phishing) campaign targeting U.S. citizens and purporting to be from the United States Postal Service (USPS), according to security researchers at Resecurity. Since users typically trust SMS communication channels more than e-mail, this campaign has reportedly compromised over 100,000 victims.
SC Media has written an article discussing the risks of not properly administering and updating an organization’s non-employee identity management systems.
Securonix has written a blog post describing an observed brute-force attack against Microsoft SQL servers to deploy Cobalt Strike and FreeWorld ransomware. The organization’s researchers found this attack interesting due to the relative sophistication of its tooling, infrastructure, and payloads.
The following posts are useful for general awareness of current threats, vulnerabilities, guidance, and other cyber-related news or updates. These resources have been curated by the WaterISAC analyst team as items of broad relevance and benefit that do not need supplemental analysis at this time.
Critical Infrastructure Resilience
As people become more aware of phishing attacks, threat actors are constantly evolving their social engineering tactics to continue to compromise victims. To help organizations stay ahead of the latest phishing tactics, Cofense has written a report highlighting threat actors’ use of misleading dates in subject lines to influence the emotions of recipients and create a false sense of urgency.
The following posts are useful for general awareness of current threats, vulnerabilities, guidance, and other cyber-related news or updates. These resources have been curated by the WaterISAC analyst team as items of broad relevance and benefit that do not need supplemental analysis at this time.
ICS/OT/SCADA Threats and other Critical Infrastructure Resilience
The Cybersecurity and Infrastructure Security Agency (CISA) has published the following ICS vulnerability advisories, as well as alerts, updates, and bulletins:
ICS Vulnerability Advisories:
CISA Releases Four Industrial Control Systems Advisories
Products are used across multiple sectors, please check these latest advisories for specific equipment used across your ICS environments and address accordingly.
CISA has released additional indicators of compromise (IOCs) associated with exploitation of CVE-2023-2868. CVE-2023-2868 is a remote command injection vulnerability affecting Barracuda Email Security Gateway (ESG) Appliance, versions 5.1.3.001-9.2.0.006. Malicious threat actors exploited this vulnerability as a zero day as early as October 2022 to gain access to ESG appliances.
1620 I Street, NW, Suite 500
Washington, DC 20006
1-866-H2O-ISAC (1-866-426-4722)
© 2025 WaterISAC. All Rights Reserved.
