Threat actors are exploiting multiple Google products to scam victims for potential account takeovers. Fraudsters have been exploiting Google Docs to spread malware and harvest credentials. Since December 2021, security researchers at Avanan have observed a massive campaign of threat actors exploiting the comments feature in Google Docs to target victims. The attacks have mostly been observed targeting Outlook users.
Akin with public guidance and recommendations shared in mid-December by CISA and the White House regarding protecting against malicious cyber activity before the holidays, federal agencies have jointly released Understanding
The Cybersecurity and Infrastructure Security Agency (CISA) has published the following ICS vulnerability advisories, as well as alerts, updates, and bulletins:
ICS Vulnerability Advisories:
Alerts, Updates, and Bulletins:
The FBI has published a TLP:GREEN FLASH warning that FIN7 cyber actors are targeting U.S. businesses through USB keystroke injection attacks. The FLASH indicates that since November 2021, the cyber criminal group FIN7 has been observed targeting the US defense industry with a package containing a fraudulent thank you letter, counterfeit Amazon gift card, and a USB device.
As we enter another year of the pandemic, employees working from home and in the office has become the norm across many industries. This hybrid work model greatly increases the attack surface for threat actors to exploit. Thus, the beginning of the new year, when many reevaluate organizational strategies, may be a good time to review existing cyber defenses in regard to the hybrid work environment. Email and enterprise-grade tools/applications could be a good place to start.
This week, Microsoft issued an Out-of-band (OOB) update to resolve Remote Desktop issues affecting Windows server products. While this is not a security update, it is notable for utilities relying on Remote Desktop that might be experiencing performance issues. According to Microsoft, users “might experience a black screen, slow sign in, or general slowness. You might also be unable to use Remote Desktop to reach the server. In some circumstances, the server might stop responding.” As of January 5, Microsoft released OOB updates for all Windows Server versions.
The Cybersecurity and Infrastructure Security Agency (CISA) has published the following ICS vulnerability advisories, as well as alerts, updates, and bulletins:
ICS Vulnerability Advisories:
Alerts, Updates, and Bulletins:
Most Advanced Persistent Threat (APT) groups are not focused on the size of an organization, but whether an organization can help them achieve their objective. That objective might be espionage or sabotage and it’s the significance of the organization toward accomplishing the objective, not the size, that matters. As a matter of fact, APT groups often leverage smaller targets such as supply chain partners or vendors as an entry point to larger attacks.
2021 experienced several significant cyber attacks and incidents, many of which may have been prevented by practicing a few basic cybersecurity best practices. Thus, in the spirit of New Year’s resolutions, cybersecurity firm ESET drafted a list of ten cybersecurity bad practices to break for 2022. This list is reminiscent of the Bad Practices Catalog that CISA started last year and includes common bad habits to break such as using outdated software, poor password hygiene, and not thinking before clicking.
The Cybersecurity and Infrastructure Security Agency (CISA) has published the following ICS vulnerability advisories, as well as alerts, updates, and bulletins:
ICS Vulnerability Advisories:
Alerts, Updates, and Bulletins:
1620 I Street, NW, Suite 500
Washington, DC 20006
1-866-H2O-ISAC (1-866-426-4722)
© 2025 WaterISAC. All Rights Reserved.
