Last week, CISA, the National Security Agency (NSA), the FBI, and the Multi-State Information Sharing and Analysis Center (MS-ISAC) released a joint guide, “Phishing Guidance: Stopping the Attack Cycle at Phase One.” The joint guide outlines phishing techniques threat actors commonly employ and provides guidance for network defenders to help reduce the impact of phishing attacks.
The following posts are useful for general awareness of current threats, vulnerabilities, guidance, and other cyber-related news or updates. These resources have been curated by the WaterISAC analyst team as items of broad relevance and benefit that do not need supplemental analysis at this time.
Critical Infrastructure Resilience
The Cybersecurity and Infrastructure Security Agency (CISA) has published the following ICS vulnerability advisories, as well as alerts, updates, and bulletins:
ICS Vulnerability Advisories:
October 24: CISA Releases One Industrial Control Systems Advisory
CISA, NSA, FBI, and MS-ISAC have released an updated version of the joint #StopRansomware Guide. The update includes new prevention tips such as hardening SMB protocols, revised response steps, and added threat hunting insights.
The ICT SCRM Task Force’s newest resource, Empowering SMBs: A Resource Guide For Developing a Resilient Supply Chain Risk Management Plan, was created to provide a valuable starting point for small and medium-sized businesses (SMBs) to develop and tailor an information and communications technology (ICT) supply chain risk management (SCRM) plan that meets the needs of their business. The Task Force SMB Resource Guide is a supportive tool that an organization can leverage to establish an actionable SCRM plan that will support the mitigation of risks and disruptions to their supply chains.
The Cybersecurity and Infrastructure Security Agency (CISA) has published the following ICS vulnerability advisories, as well as alerts, updates, and bulletins:
ICS Vulnerability Advisories:
CISA Releases Two Industrial Control Systems Advisories
Products are used across multiple sectors, please check these latest advisories for specific equipment used across your ICS environments and address accordingly.
The following posts are useful for general awareness of current threats, vulnerabilities, guidance, and other cyber-related news or updates. These resources have been curated by the WaterISAC analyst team as items of broad relevance and benefit that do not need supplemental analysis at this time.
Critical Infrastructure Resilience
Note: WaterISAC does not maintain a position on this action, we are providing this development for your awareness.
In a recent report from Cofense, the significance of using voice messages for communication was brought to the forefront. The report highlighted an ongoing phishing campaign where threat actors strategically included an access key in the email content, alluring users into accessing what appeared to be a genuine voice message.
Colonial Pipeline reported that there has been no disruption to its pipeline operations or systems following threats from a ransomware group known as Ransomed.vc, stating the claims made by Ransomed.vc are "unsubstantiated." To validate the security of its systems, Colonial Pipeline collaborated with its security and technology teams and CISA, confirming there had been no disruption to pipeline operations and that its system remained secure. It is believed that the files initially posted online appeared to be related to a third-party data breach that was unrelated to Colonial Pipeline.
1620 I Street, NW, Suite 500
Washington, DC 20006
1-866-H2O-ISAC (1-866-426-4722)
© 2025 WaterISAC. All Rights Reserved.
