Although most people are aware of the major Solar Winds attack that compromised many organizations through its supply chain, lower-scale, less sophisticated supply chains are also increasingly being exploited, specifically in the developer or mobile environments. Indeed, many entities are being compromised not because of poor enterprise security, but because of unsecured connections in their supply chains.
The Cybersecurity and Infrastructure Security Agency (CISA) has published the following ICS vulnerability advisories, as well as alerts, updates, and bulletins:
ICS Vulnerability Advisories:
The Cybersecurity and Infrastructure Security Agency (CISA) has published the following ICS vulnerability advisories, as well as alerts, updates, and bulletins:
ICS Vulnerability Advisories:
Alerts, Updates, and Bulletins:
Amidst increasing awareness of phishing attacks, one phishing campaign is using the DocuSign software to target lower ranking employees and trick them into providing login credential to scammers. In this campaign, victims receive an email impersonating someone in their organization asking them to “sign” a document by clicking on the attachment and entering their credentials. These emails are created to appear legitimate, but real DocuSign emails never ask users to enter password instead asking them to enter an authentication code emailed to them separately.
As if phishing emails weren’t enough, a new vishing campaign involves threat actors posing as Microsoft employees to trick victims into granting remote access to their devices. Vishing is a variation of phishing where the attackers speak with a victim over the phone. This vishing campaign was identified by the security firm Armorblox.
The Cybersecurity and Infrastructure Security Agency (CISA), the FBI, and the National Security Agency (NSA) released a joint cybersecurity advisory underscoring the persisting threat from the BlackMatter Ransomware group. The advisory includes tactics, techniques, and procedures (TTPs) associated with BlackMatter activity which could help organizations defend against this threat group. BlackMatter was first detected in July 2021 and has since targeted multiple critical infrastructure entities.
The Cybersecurity and Infrastructure Security Agency (CISA) has published the following ICS vulnerability advisories, as well as alerts, updates, and bulletins:
ICS Vulnerability Advisories:
A recent report from the cybersecurity firm BlueVoyant underscores the increasing number of third party data breaches that are affecting businesses up and down the supply chain. The report, Managing Cyber Risk Across the Extended Vendor Ecosystem, found that around 93 percent of organizations having experienced a direct data breach over the past year have been so damaging because they propagated throughout the compromised vendor’s supply chain.
The Australian Government just released its Ransomware Action Plan to confront the increasing threat posed by ransomware threat actors. The plan describes the capabilities and authorities that Australia will employ to tackle the ransomware menace and provides information for ransomware victim’s seeking help. Specifically, the plan calls for legislation mandating ransomware incident reporting, creating specific stand-alone offense for all forms of cyber extortion, and creating a stand-alone aggravated offence for cybercriminals who target critical infrastructure.
This post is leveraged from the CSAM Champions resources and is recommended to be provided to end users.
From ransomware to SolarWinds, the cyber threat landscape has been as hectic as it has ever been over the last 12-24 months. However, for all of the emerging threats and news that are cropping up on the horizon, phishing – one of the oldest pain points in cybersecurity – is continuing to wreak havoc, and is as big of a threat as it has ever been.
1620 I Street, NW, Suite 500
Washington, DC 20006
1-866-H2O-ISAC (1-866-426-4722)
© 2025 WaterISAC. All Rights Reserved.
