Cyberint has written a blog post detailing its research into a widespread campaign targeting LinkedIn accounts. Researchers have observed a surge in Google searches for LinkedIn account hacking and some victims have shared that they’ve received ransom notes with instructions on how to regain access to their account.
SentinelOne has written a blog discussing how nation-state sponsored cyberattacks have risen and evolved. While rare at the turn of the millennium, easily deniable cyberattacks are now an accepted geopolitical capability and a major security concern that countries have to address.
The Chinese government would likely consider destructive or disruptive attacks on American critical infrastructure assets if it believed the U.S. was likely to intervene during a potential Chinese invasion of Taiwan, warned CISA Director Jen Easterly at a cybersecurity conference this past weekend.
The following posts are useful for general awareness of current threats, vulnerabilities, guidance, and other cyber-related news or updates. These resources have been curated by the WaterISAC analyst team as items of broad relevance and benefit that do not need supplemental analysis at this time.
ICS/OT/SCADA Vulnerabilities & Threats
The Cybersecurity and Infrastructure Security Agency (CISA) has published the following ICS vulnerability advisories, as well as alerts, updates, and bulletins:
ICS Vulnerability Advisories:
CISA Releases Two Industrial Control Systems Advisories
Products are used across multiple sectors, please check these latest advisories for specific equipment used across your ICS environments and address accordingly.
Talos has written a blog discussing the potential risks that will arise as threat actors begin to experiment with AI-powered capabilities. While the practical deployment of AI is still in its infancy, there are some predicted areas of concern.
Sophos has written a blog describing its investigation into a social engineering-based attack chain that used a unique approach to get the victim to click on a malicious payload. This peer-pressure based tactic allowed the attackers to infect the network, despite the victim quickly detecting it.
As originally heard during WaterISAC’s July Cyber Threat Briefing, MITRE is extending an offer to 5 water or wastewater utilities to participate in its NO-COST research project that will aid in gaining valuable insights into your OT environment. Don’t delay! MITRE is looking to finalize the participants before the end of August.
The goal of this project is to:
The following posts are useful for general awareness of current threats, vulnerabilities, guidance, and other cyber-related news or updates. These resources have been curated by the WaterISAC analyst team as items of broad relevance and benefit that do not need supplemental analysis at this time.
ICS/OT/SCADA Vulnerabilities & Threats
1620 I Street, NW, Suite 500
Washington, DC 20006
1-866-H2O-ISAC (1-866-426-4722)
© 2025 WaterISAC. All Rights Reserved.
