Cybersecurity

Cyber Resilience – CISA and Microsoft Partnership Expands Access to Logging Capabilities Broadly

Based on a collaborative partnership between CISA and Microsoft, many Microsoft customers will now have access to expanded cloud logging capabilities at no additional charge, which will enhance cyber defense and incident response. The expanded access comes in response to a cyber incident in June involving a government agency where advanced persistent threat (APT) actors accessed and exfiltrated unclassified Exchange Online Outlook data.

Read more about Cyber Resilience – CISA and Microsoft Partnership Expands Access to Logging Capabilities Broadly

CISA ICS Vulnerability Advisories and Alerts, Updates, and Bulletins – July 20, 2023

The Cybersecurity and Infrastructure Security Agency (CISA) has published the following ICS vulnerability advisories, as well as alerts, updates, and bulletins:

ICS Vulnerability Advisories:

CISA Releases One Industrial Control Systems Advisory

Products are used across multiple sectors, please check these latest advisories for specific equipment used across your ICS environments and address accordingly.

Read more about CISA ICS Vulnerability Advisories and Alerts, Updates, and Bulletins – July 20, 2023

Threat Awareness – .ZIP Top Level Domain Creates New Risks for Network Defenders, Users

Fortinet has posted a blog discussing Google’s launch of the .zip Top Level Domain and the challenges that presents for network defenders.

Read more about Threat Awareness – .ZIP Top Level Domain Creates New Risks for Network Defenders, Users

Third Party Risk – Cl0p Extending Shelf Life of MOVEit Vulnerability With Domino Effect Through Third Party Compromises

SC Magazine has written an article discussing the unprecedented scope of the MOVEit vulnerability’s exploitation by criminal threat actors, especially the Cl0p ransomware group. Nearly 370 organizations have either been identified as victims by Cl0p or have confirmed that they were victims themselves.

Read more about Third Party Risk – Cl0p Extending Shelf Life of MOVEit Vulnerability With Domino Effect Through Third Party Compromises

Supplemental Cyber Highlights – July 20, 2023

The following posts are useful for general awareness of current threats, vulnerabilities, guidance, and other cyber-related news or updates. These resources have been curated by the WaterISAC analyst team as items of broad relevance and benefit that do not need supplemental analysis at this time.

ICS/OT/SCADA Cybersecurity

Read more about Supplemental Cyber Highlights – July 20, 2023

CISA ICS Vulnerability Advisories and Alerts, Updates, and Bulletins – July 18, 2023

The Cybersecurity and Infrastructure Security Agency (CISA) has published the following ICS vulnerability advisories, as well as alerts, updates, and bulletins:

ICS Vulnerability Advisories:

CISA Releases Seven Industrial Control Systems Advisories

Products are used across multiple sectors, please check these latest advisories for specific equipment used across your ICS environments and address accordingly.

Read more about CISA ICS Vulnerability Advisories and Alerts, Updates, and Bulletins – July 18, 2023

Supplemental Cyber Highlights – July 18, 2023

Read more about Supplemental Cyber Highlights – July 18, 2023

CISA Develops Factsheet for Free Tools for Cloud Environments

CISA has developed and published a factsheet, Free Tools for Cloud Environments, to help organizations transitioning into a cloud environment identify the proper tools and techniques necessary for the protection of critical assets and data security.

Read more about CISA Develops Factsheet for Free Tools for Cloud Environments

Trend Analysis Report – Average Weekly Cyber Attacks Increase, Utilities-targeted Attacks Increase 18%

Check Point has written a blog covering its recent analysis of global cyber attack statistics and findings that Q2 of 2023 saw the highest number of average weekly cyber attacks in 2 years. Globally, this translates to organizations having faced an average of 1258 attacks per week, an 8 percent increase overall.

Read more about Trend Analysis Report – Average Weekly Cyber Attacks Increase, Utilities-targeted Attacks Increase 18%

Supplemental Cyber Highlights – July 13, 2023

ICS/OT – Vulnerabilities, Threats & Risks

Read more about Supplemental Cyber Highlights – July 13, 2023

You are here

Cybersecurity

Cyber Resilience – CISA and Microsoft Partnership Expands Access to Logging Capabilities Broadly

CISA ICS Vulnerability Advisories and Alerts, Updates, and Bulletins – July 20, 2023

Threat Awareness – .ZIP Top Level Domain Creates New Risks for Network Defenders, Users

Third Party Risk – Cl0p Extending Shelf Life of MOVEit Vulnerability With Domino Effect Through Third Party Compromises

Supplemental Cyber Highlights – July 20, 2023

CISA ICS Vulnerability Advisories and Alerts, Updates, and Bulletins – July 18, 2023

Supplemental Cyber Highlights – July 18, 2023

CISA Develops Factsheet for Free Tools for Cloud Environments

Trend Analysis Report – Average Weekly Cyber Attacks Increase, Utilities-targeted Attacks Increase 18%

Supplemental Cyber Highlights – July 13, 2023

Pages

You are here

Cybersecurity

Pages

Footer Email Signup