The FBI and the Department of the Treasury released a joint Cybersecurity Advisory (CSA) detailing indicators of compromise associated with AvosLocker ransomware. AvosLocker operates as a Ransomware-as-a-Service (RaaS) affiliate-based group and has targeted several critical infrastructure sectors in the U.S. and across the world, including government facilities.
Security researchers have identified a new Ransomware-as-a-Service (Raas) family dubbed LokiLocker that has been active in the wild since August 2021. The ransomware employs file encryption to extort its victims and data wiping capabilities that can make an infected device unusable if a victim fails to pay the ransom. To obfuscate its activities, LokiLocker displays a fake Windows Update screen and disables multiple Windows security applications. It also deletes backup files and shadow copies to prevent data recovery.
The Cybersecurity and Infrastructure Security Agency (CISA) has published the following ICS vulnerability advisories, as well as alerts, updates, and bulletins:
ICS Vulnerability Advisories:
Alerts, Updates, and Bulletins:
Yesterday, the Cybersecurity and Infrastructure Security Agency (CISA) and the Federal Bureau of Investigation (FBI) released a joint Cybersecurity Advisory (CSA) – Russian State-Sponsored Cyber Actors Gain Network Access by Exploiting Default Multifactor Authentication Protocols and “PrintNightmare” Vulnerability (AA22-074A) – to warn organizations that Russian state-sponsored cyber actors have gained network access through exploitatio
The BazarBackdoor malware has been observed spreading via corporate website contact forms rather than its typical phishing email attack chain, allowing it to evade security software.
The Qbot/Qakbot malware is “extremely active” and propagating itself via a new phishing campaign, according to security researchers. The botnet, which WaterISAC has reported on numerous times, is a highly modular malware used for many malign activities such as credential harvesting and dropping ransomware.
The Cybersecurity and Infrastructure Security Agency (CISA) has published the following ICS vulnerability advisories, as well as alerts, updates, and bulletins:
ICS Vulnerability Advisories:
Alerts, Updates, and Bulletins:
Approved by the House of Representatives on March 9, 2022 and the Senate on March 10 as Division Y of H.R. 2471, the Consolidated Appropriations Act of 2022.
Brief summary:
The Cybersecurity and Infrastructure Security Agency (CISA) has published the following ICS vulnerability advisories, as well as alerts, updates, and bulletins:
ICS Vulnerability Advisories:
The Cybersecurity and Infrastructure Security Agency (CISA), along with the FBI, the National Security Agency (NSA), and the United States Secret Service (USSS) have re-released a joint Cybersecurity Advisory on Conti ransomware. The advisory was updated to include indicators of compromise. It also notes that Conti threat actors remain active and reported Conti ransomware attacks against U.S. and international entities have grown to more than 1,000. The advisory also contains mitigation measures to reduce the risk of compromise by Conti ransomware. \
1620 I Street, NW, Suite 500
Washington, DC 20006
1-866-H2O-ISAC (1-866-426-4722)
© 2025 WaterISAC. All Rights Reserved.
