The Cybersecurity and Infrastructure Security Agency (CISA) has published the following ICS vulnerability advisories, as well as alerts, updates, and bulletins:
ICS Vulnerability Advisories:
Alerts, Updates, and Bulletins:
The NSA has released a guide to help teleworkers protect their home networks from malicious cyber actors, a potentially useful resource for organizations with employees working remotely.
In the second half of 2022, security researchers at Fortinet observed destructive wiper malware attacks impacting more organizations around the world, as well as cybercriminals retooling existing botnets and reusing code to power more sophisticated attacks.
The Cybersecurity and Infrastructure Security Agency (CISA) has published the following ICS vulnerability advisories, as well as alerts, updates, and bulletins:
ICS Vulnerability Advisories:
Alerts, Updates, and Bulletins:
Many of the vulnerabilities successfully exploited by ransomware groups in 2022 were years old and permitted attackers to establish persistence and move laterally to compromise an organization, according to new research from the IT company Ivanti.
The LockBit ransomware gang claims to have successfully compromised a Portuguese municipal water utility and is threatening to leak its stolen data. At the time of writing, it is still unknown how the attackers breached the utility or what type of data was stolen.
The Cybersecurity and Infrastructure Security Agency (CISA) has published the following ICS vulnerability advisories, as well as alerts, updates, and bulletins:
ICS Vulnerability Advisories:
Over the past few years, the number of ransomware attacks has continued to increase alongside an evolution of tactics, techniques, and procedures (TTPs) employed by threat actors to compromise a network. The latest development, ransomware attacks targeting cloud-based infrastructure.
The U.K.’s National Cyber Security Centre (NCSC) posted guidance for mapping an organization’s supply chain. The document is aimed at medium to large organizations who need to gain confidence or assurance that mitigations are in place for vulnerabilities associated with working with suppliers. Supply chain mapping (SCM) is the process of recording, storing, and using information gathered from suppliers who are involved in a company’s supply chain.
Help Net Security has written an article covering research by Picus Security which found that multipurpose malware – or malware with multiple malicious capabilities – is becoming increasingly more popular to create and deploy. Researchers analyzed over 550,000 malware samples and mapped each one’s capabilities to the cyber kill chain.
1620 I Street, NW, Suite 500
Washington, DC 20006
1-866-H2O-ISAC (1-866-426-4722)
© 2025 WaterISAC. All Rights Reserved.
