Bleeping Computer posted an article reporting that more than 60,000 Microsoft Exchange servers have still not been patched against CVE-2022-41082. CVE-2022-41082 is one of the two CVEs that make up the exploit known as ProxyNotShell. For more information, access WaterISAC’s coverage included in the Security & Resilience Update on December 22, 2022 here.
StateScoop has written an article discussing the impacts of a cyberattack against Cott Systems, a nationwide digital records management vendor reportedly utilized by approximately 400 local governments across 21 states. On December 26th, the company alerted customers that they had detected “unusual activity” on internal servers and were taking their network offline. Cott Systems has not yet provided a recovery timeline for its customers, but states that no customer data appears to be affected.
From time to time (more often, than not) data breaches are disclosed regarding widely used or well-known products, platforms, and organizations. Individually, each notice may seem less significant to report on in the sea of cyber threats and vulnerabilities, but nonetheless may be important for general awareness. Some data breaches may be associated with or an update to a prior cyber attack notification, such as data that was discovered/confirmed stolen after a ransomware attack.
The Cybersecurity and Infrastructure Security Agency (CISA) has published the following ICS vulnerability advisories, as well as alerts, updates, and bulletins:
ICS Vulnerability Advisories:
The Cybersecurity and Infrastructure Security Agency (CISA) has published the following ICS vulnerability advisories, as well as alerts, updates, and bulletins:
ICS Vulnerability Advisories:
Alerts, Updates, and Bulletins:
Email security continues to challenge organizations large and small and remains one of the principal attack vectors in which threat actors gain access to a company before conducting further malicious activity, such as ransomware attacks. While security teams continuously combat email security with controls such as encryption and business email compromise protection, fundamentally, email security is about people.
ALPHV/BlackCat, one of 2022’s most notable ransomware menaces, continues to evolve its data extortion tactics in ongoing attempts to coerce victims into paying. The most recent tactic involves the group creating a replica of a victim’s website to publish stolen data openly on the internet. While the domain name and appearance of the website closely resembles the victim’s legitimate site, ALPHV uses its own directory structure to organize the leaked data.
During 2022, more than 200 organizations in the government, healthcare, and education sectors were compromised by ransomware in the U.S., a similar number of incidents to the previous year, according to cybersecurity company Emsisoft.
Phishing attacks during the third quarter of this year were their highest number ever observed, according to a new report from the Anti-Phishing Working Group (APWG). The report, Phishing Activity Trends Report 3rd Quarter 2022, detected 1,270,883 total phishing attacks.
The Cybersecurity and Infrastructure Security Agency (CISA) has published the following ICS vulnerability advisories, as well as alerts, updates, and bulletins:
ICS Vulnerability Advisories:
Alerts, Updates, and Bulletins:
1620 I Street, NW, Suite 500
Washington, DC 20006
1-866-H2O-ISAC (1-866-426-4722)
© 2025 WaterISAC. All Rights Reserved.
