Cybersecurity

Cyber Resilience – Do you Know Where your Credentials Are?

With stolen credentials leading the charge as the root cause of many data breaches – and certainly one of the easiest methods – it’s important to monitor the various repositories and forums where credentials are often traded. There are numerous services that offer monitoring for stolen credentials and it’s important to be alerted for all the different types of credentials used or stored across your utility, including employee, customer/consumer, partner/third-party supplier, and VIP (executives and board members).

Read more about Cyber Resilience – Do you Know Where your Credentials Are?

Security Awareness – Cyber Actors Prepping for Amazon Prime Day

As the title states, consumers aren’t the only ones awaiting the famed annual Amazon Prime Day (or days). While threat actors may be procuring some Prime Day purchases, that isn’t the only activity they are predisposed. According to Check Point Research (CPR), there were almost 1,500 new domains related to the term “Amazon” of which 92% were found to be either malicious or suspicious. Furthermore, one out of every 68 “Amazon” related new domains were also related to “Amazon Prime,” of which about 93% of those domains were found to be risky.

Read more about Security Awareness – Cyber Actors Prepping for Amazon Prime Day

Supplemental Cyber Highlights – July 6, 2023

The following posts are useful for general awareness of current threats, vulnerabilities, guidance, and other cyber-related news or updates. These resources have been curated by the WaterISAC analyst team as items of broad relevance and benefit that do not need supplemental analysis at this time.

Vulnerabilities

Read more about Supplemental Cyber Highlights – July 6, 2023

Joint Cybersecurity Information Sheet – Defending Continuous Integration/Continuous Delivery Environments

Yesterday, CISA and the National Security Agency (NSA) published a joint Cybersecurity Information Sheet (CSI), Defending Continuous Integration/Continuous (CI/CD) Delivery Environment, to help organizations improve their defenses in cloud implementations of development, security, and operations.

Read more about Joint Cybersecurity Information Sheet – Defending Continuous Integration/Continuous Delivery Environments

Supplemental Cyber Highlights – June 29, 2023

Read more about Supplemental Cyber Highlights – June 29, 2023

CISA ICS Vulnerability Advisories and Alerts, Updates, and Bulletins – June 29, 2023

The Cybersecurity and Infrastructure Security Agency (CISA) has published the following ICS vulnerability advisories, as well as alerts, updates, and bulletins:

ICS Vulnerability Advisories:

CISA Releases Nine Industrial Control Systems Advisories

Products are used across multiple sectors, please check these latest advisories for specific equipment used across your ICS environments and address accordingly.

Read more about CISA ICS Vulnerability Advisories and Alerts, Updates, and Bulletins – June 29, 2023

Zscaler ThreatLabz Ransomware Report Finds Encryptionless Extortion on the Rise

Zscaler’s ThreatLabz has released its 2023 Ransomware Report, which analyzes ransomware trends and impacts. Of special note this year is the continued sophistication of Ransomware as a Service (RaaS) and the rise of encryptionless extortion.

Read more about Zscaler ThreatLabz Ransomware Report Finds Encryptionless Extortion on the Rise

Security Awareness – Cyber Attacks on Critical Infrastructure with Physical Impacts Increasing

Waterfall Security Solutions, in cooperation with ICSStrive, has published its 2023 Threat Report, which is specifically focused on OT cyber attacks with physical consequences. A key takeaway from the document is the observed surge in cyber attacks on critical infrastructure.

Read more about Security Awareness – Cyber Attacks on Critical Infrastructure with Physical Impacts Increasing

CISA ICS Vulnerability Advisories and Alerts, Updates, and Bulletins – June 27, 2023

The Cybersecurity and Infrastructure Security Agency (CISA) has published the following ICS vulnerability advisories, as well as alerts, updates, and bulletins:

ICS Vulnerability Advisories:

CISA Releases One Industrial Control Systems Advisories

Products are used across multiple sectors, please check these latest advisories for specific equipment used across your ICS environments and address accordingly.

Read more about CISA ICS Vulnerability Advisories and Alerts, Updates, and Bulletins – June 27, 2023

Supplemental Cyber Highlights – June 27, 2023

Incidents

Read more about Supplemental Cyber Highlights – June 27, 2023

You are here

Cybersecurity

Cyber Resilience – Do you Know Where your Credentials Are?

Security Awareness – Cyber Actors Prepping for Amazon Prime Day

Supplemental Cyber Highlights – July 6, 2023

Joint Cybersecurity Information Sheet – Defending Continuous Integration/Continuous Delivery Environments

Supplemental Cyber Highlights – June 29, 2023

CISA ICS Vulnerability Advisories and Alerts, Updates, and Bulletins – June 29, 2023

Zscaler ThreatLabz Ransomware Report Finds Encryptionless Extortion on the Rise

Security Awareness – Cyber Attacks on Critical Infrastructure with Physical Impacts Increasing

CISA ICS Vulnerability Advisories and Alerts, Updates, and Bulletins – June 27, 2023

Supplemental Cyber Highlights – June 27, 2023

Pages

You are here

Cybersecurity

Pages

Footer Email Signup