You are here

Home

Cybersecurity

Vulnerability Awareness – Cisco Patches Two Zero-days Exploiting Firewall Platforms

Given widespread use of Cisco ASA and FTD, WaterISAC is emphasizing these vulnerabilities for awareness. Members using impacted Cisco ASA devices and FTD software are strongly encouraged to address promptly.

Yesterday, Cisco released security updates to address ArcaneDoor—exploitation of Cisco Adaptive Security Appliances (ASA) devices and Cisco Firepower Threat Defense (FTD) software. A cyber threat actor could exploit vulnerabilities (CVE-2024-20353, CVE-2024-20359, CVE-2024-20358) to install a backdoor to later take control of an affected system.

CISA ICS Vulnerability Advisories and Alerts, Updates, and Bulletins – April 25, 2024

CISA ICS Vulnerability Advisories and Alerts, Updates, and Bulletins – April 25, 2024

The Cybersecurity and Infrastructure Security Agency (CISA) has published the following ICS vulnerability advisories, as well as alerts, updates, and bulletins:

ICS Vulnerability Advisories:

CISA Releases Eight Industrial Control Systems Advisories

Report – Mandiant’s M-Trends 2024 Report on Targeted Attack Activity in 2023

Mandiant recently released its M-Trends 2024 report which highlights targeted attack activity of 4000 different attack groups throughout 2023. It provides a deep look at the evolving cyber threat landscape taken from Mandiant’s incident response investigations and threat intelligence analysis of high-impact attacks around the globe.

Some main points from the report include:

FBI Director Wray Warns of China’s Preparations to Disrupt Critical Infrastructure Including the Water Sector

During a speech at Vanderbilt University, FBI Director Christopher Wray drew more attention to the threat from Chinese hacking operations on U.S. critical infrastructure and warned that the situation has become even more urgent. See WaterISAC’s previous coverage of the preeminent cyber threat posed by the PRC.

CISA ICS Vulnerability Advisories and Alerts, Updates, and Bulletins – April 23, 2024

CISA ICS Vulnerability Advisories and Alerts, Updates, and Bulletins – April 23, 2024

The Cybersecurity and Infrastructure Security Agency (CISA) has published the following ICS vulnerability advisories, as well as alerts, updates, and bulletins:

ICS Vulnerability Advisories:

CISA Releases Two Industrial Control Systems Advisories

Passthrough – Joint CSA #StopRansomware: Akira Ransomware

Note: This joint Cybersecurity Advisory (CSA) is part of an ongoing #StopRansomware effort to publish advisories for network defenders that detail various ransomware variants and ransomware threat actors. These #StopRansomware advisories include recently and historically observed tactics, techniques, and procedures (TTPs) and indicators of compromise (IOCs) to help organizations protect against ransomware.

ICS/OT/SCADA Vulnerability Awareness – Unitronics Vision Series PLCs | Storing Passwords in a Recoverable Format

Given recent attention and attacks against Unitronics Vision Series PLCs and their use in the water and wastewater systems sector, WaterISAC is amplifying this recent vulnerability advisory. Members using Unitronics Vision Series PLCs are highly encouraged to review the following ICS Advisory and address accordingly.

Unitronics Vision Series PLCs | ICSA-24-109-01

Vulnerability: Storing Passwords in a Recoverable Format

Threat Awareness – Global Increase in Brute-Force Attacks Targeting VPNs and SSH Services

A global increase in brute-force attacks has been identified against a variety of targets which include VPN services, web application authentication interfaces, and SSH services since at least March 18, 2024. Cisco Talos is actively monitoring the increase in attacks and is providing details on affected services.

Pages

Subscribe to Cybersecurity