The Cybersecurity and Infrastructure Security Agency (CISA) has published the following ICS vulnerability advisories, as well as alerts, updates, and bulletins:
ICS Vulnerability Advisories:
Sophos has released its The State of Ransomware 2023 report, which concludes that “independent of revenue, geography, or industry, ransomware continues to be major threat to organizations.” Sophos supports this conclusion with that fact that the number of ransomware victims whose data was encrypted by their victimizer has grown to 76 percent, the highest the report has seen since it began in 2020.
Recent analysis by Malwarebytes highlights how threat actors continue leveraging malvertising in various ways to proliferate malware. Malwarebytes posted a blog discussing a recently observed advertising campaign directing victims to download a new loader labeled Invalid Printer, which later delivers Aurora malware as a payload. The attack begins as users click on a potentially risky ad, which redirects them to a full-screen browser window mimicking a Windows security update.
It’s been two years since the ransomware attack on the Colonial Pipeline, which many observers view as a watershed moment in cybersecurity. While many positive strides have been made since the attack, which CISA details in a recent blog post, other analysts argue the threat from ransomware is still growing and impacting critical infrastructure organizations.
WaterISAC regularly provides awareness of recent CISA reporting. While direct relevance to your utility/organization on the details of each report may vary, activity alerts like this are practical for general awareness of active threats and adversary capabilities.
Security researchers at Cofense recently observed credential phishing campaigns that use a novel deception technique, directing victims to a voice recording that lures them into a false sense of security after they’ve provided their Microsoft credentials.
Microsoft announced the implementation of number matching for push notifications via Microsoft Authenticator in an effort to counter the increasing prevalence of multi-factor authentication (MFA) fatigue attacks.
CyberScoop has written an article discussing federal concerns over victims’ reluctance to report ransomware attacks to the broader community, as outlined in the Institute for Security and Technology’s Ransomware Task Force May 2023 Progress Report. The FBI and Justice Department have stated that only 20% of victims report if they’ve been infected.
The Cybersecurity and Infrastructure Security Agency (CISA) has published the following ICS vulnerability advisories, as well as alerts, updates, and bulletins:
ICS Vulnerability Advisories:
Alerts, Updates, and Bulletins:
Commodity malware continues to plague businesses and the threat actors employing them are utilizing a diverse toolset of tactics, techniques, and procedures in order to proliferate the malware, such as IcedID and Qbot/Qakbot, and compromise more victims.
1620 I Street, NW, Suite 500
Washington, DC 20006
1-866-H2O-ISAC (1-866-426-4722)
© 2025 WaterISAC. All Rights Reserved.
