Cybersecurity

Ransomware Awareness – New Ransomware Strain Displays Fake Windows Update Alert to Hide Encryption

Trend Micro has posted a blog analyzing variants from a ransomware strain titled “Big Head,” which has the novel capability of hiding its encryption of a victim’s files with a fake Windows update alert. Researchers describe how, after running a series of checks, these Big Head variants post a screen that looks remarkably similar to what is seen when Windows is applying an update, before posting the actual ransom note once the encryption is complete.

Read more about Ransomware Awareness – New Ransomware Strain Displays Fake Windows Update Alert to Hide Encryption

Threat Awareness – Cl0p Ransomware Group Exploiting MOVEit Without Employing Encryption

Huntress posted a blog discussing its research into the recent spate of MOVEit vulnerabilities, including a previous zero day (CVE-2023-34362) and how criminal groups have been utilizing it in their operations.

Read more about Threat Awareness – Cl0p Ransomware Group Exploiting MOVEit Without Employing Encryption

CISA ICS Vulnerability Advisories and Alerts, Updates, and Bulletins – July 6, 2023

The Cybersecurity and Infrastructure Security Agency (CISA) has published the following ICS vulnerability advisories, as well as alerts, updates, and bulletins:

ICS Vulnerability Advisories:

CISA Releases Three Industrial Control Systems Advisories

Products are used across multiple sectors, please check these latest advisories for specific equipment used across your ICS environments and address accordingly.

Read more about CISA ICS Vulnerability Advisories and Alerts, Updates, and Bulletins – July 6, 2023

Cyber Resilience – Do you Know Where your Credentials Are?

With stolen credentials leading the charge as the root cause of many data breaches – and certainly one of the easiest methods – it’s important to monitor the various repositories and forums where credentials are often traded. There are numerous services that offer monitoring for stolen credentials and it’s important to be alerted for all the different types of credentials used or stored across your utility, including employee, customer/consumer, partner/third-party supplier, and VIP (executives and board members).

Read more about Cyber Resilience – Do you Know Where your Credentials Are?

Security Awareness – Cyber Actors Prepping for Amazon Prime Day

As the title states, consumers aren’t the only ones awaiting the famed annual Amazon Prime Day (or days). While threat actors may be procuring some Prime Day purchases, that isn’t the only activity they are predisposed. According to Check Point Research (CPR), there were almost 1,500 new domains related to the term “Amazon” of which 92% were found to be either malicious or suspicious. Furthermore, one out of every 68 “Amazon” related new domains were also related to “Amazon Prime,” of which about 93% of those domains were found to be risky.

Read more about Security Awareness – Cyber Actors Prepping for Amazon Prime Day

Supplemental Cyber Highlights – July 6, 2023

The following posts are useful for general awareness of current threats, vulnerabilities, guidance, and other cyber-related news or updates. These resources have been curated by the WaterISAC analyst team as items of broad relevance and benefit that do not need supplemental analysis at this time.

Vulnerabilities

Read more about Supplemental Cyber Highlights – July 6, 2023

Joint Cybersecurity Information Sheet – Defending Continuous Integration/Continuous Delivery Environments

Yesterday, CISA and the National Security Agency (NSA) published a joint Cybersecurity Information Sheet (CSI), Defending Continuous Integration/Continuous (CI/CD) Delivery Environment, to help organizations improve their defenses in cloud implementations of development, security, and operations.

Read more about Joint Cybersecurity Information Sheet – Defending Continuous Integration/Continuous Delivery Environments

Supplemental Cyber Highlights – June 29, 2023

Read more about Supplemental Cyber Highlights – June 29, 2023

CISA ICS Vulnerability Advisories and Alerts, Updates, and Bulletins – June 29, 2023

The Cybersecurity and Infrastructure Security Agency (CISA) has published the following ICS vulnerability advisories, as well as alerts, updates, and bulletins:

ICS Vulnerability Advisories:

CISA Releases Nine Industrial Control Systems Advisories

Products are used across multiple sectors, please check these latest advisories for specific equipment used across your ICS environments and address accordingly.

Read more about CISA ICS Vulnerability Advisories and Alerts, Updates, and Bulletins – June 29, 2023

Zscaler ThreatLabz Ransomware Report Finds Encryptionless Extortion on the Rise

Zscaler’s ThreatLabz has released its 2023 Ransomware Report, which analyzes ransomware trends and impacts. Of special note this year is the continued sophistication of Ransomware as a Service (RaaS) and the rise of encryptionless extortion.

Read more about Zscaler ThreatLabz Ransomware Report Finds Encryptionless Extortion on the Rise

You are here

Cybersecurity

Ransomware Awareness – New Ransomware Strain Displays Fake Windows Update Alert to Hide Encryption

Threat Awareness – Cl0p Ransomware Group Exploiting MOVEit Without Employing Encryption

CISA ICS Vulnerability Advisories and Alerts, Updates, and Bulletins – July 6, 2023

Cyber Resilience – Do you Know Where your Credentials Are?

Security Awareness – Cyber Actors Prepping for Amazon Prime Day

Supplemental Cyber Highlights – July 6, 2023

Joint Cybersecurity Information Sheet – Defending Continuous Integration/Continuous Delivery Environments

Supplemental Cyber Highlights – June 29, 2023

CISA ICS Vulnerability Advisories and Alerts, Updates, and Bulletins – June 29, 2023

Zscaler ThreatLabz Ransomware Report Finds Encryptionless Extortion on the Rise

Pages

You are here

Cybersecurity

Pages

Footer Email Signup