The Cybersecurity and Infrastructure Security Agency (CISA) has published the following ICS vulnerability advisories, as well as alerts, updates, and bulletins:
ICS Vulnerability Advisories:
SC Magazine has written an article covering the rise of a new malware trend: using Microsoft’s OneNote to distribute payloads. Researchers from both Proofpoint and Sophos have observed various threat actors executing campaigns that deliver malware through OneNote attachments, likely as part of criminals’ continued attempts to test out new methods of bypassing threat detection software.
Bleeping Computer has written an article discussing the latest strain of the Medusa malware, which has existed in one form or another since 2015. While primarily a DDoS botnet, researchers at Cyble have discovered a new variant in the wild that’s based on the Mirai botnet’s source code leak from 2016, giving Medusa extensive new capabilities. However, the main concern is the addition of a ransomware module that gives Medusa more flexibility in how it can be used once it infects a machine.
Reminder: If your utility has any unpatched VMware ESXi servers online, you are encouraged to isolate them immediately and address accordingly.
FS-ISAC and the cloud company Akamai recently published a joint report, The Evolution of DDoS: Return of the Hacktivists, to educate industry on the somewhat renewed increase of Distributed Denial-of-Service (DDoS) attacks, the business risks it poses, and best practices on mitigation to better combat these incidents.
MITRE recently released the Cyber Resiliency Engineering Framework (CREF) Navigator, a free visualization tool that was developed to help engineers with designing cyber-resilient systems. The tool allows organizations to customize their cyber-resiliency goals, objectives, and techniques as aligned by NIST SP 800-160, which outlines standards on developing cyber-resilient systems.
The Cybersecurity and Infrastructure Security Agency (CISA) has published the following ICS vulnerability advisories, as well as alerts, updates, and bulletins:
ICS Vulnerability Advisories:
Alerts, Updates, and Bulletins:
Today, February 7, 2023, is Safer Internet Day, an awareness day established by the European Union’s SafeBorders project in 2005 and maintained by the Insafe network. Its purpose is to promote awareness of how internet citizens can protect themselves from those attempting to use the internet in a harmful manner.
Help Net Security has written an article covering a recently released study by SecurityScorecard and the Cyentia Institute on supply chain/third and fourth party risk. The report found that 98 percent of organizations have hired a vendor that has experienced a data breach in the last two years and that 50 percent of organizations have hired a third party that depends on a vendor that has experienced a data breach in the last two years. Compared to the primary organizations surveyed, third parties were found to be five times more likely to demonstrate poor security.
Dark Reading has written an article discussing how we can encourage employees to shift their mindset to become more security focused when online. The author argues that cybersecurity legislation, while critical to universally raising the bar for security, also contributes to a culture of security theater. Instead, they offer three ways that personnel can change their thinking and behaviors regarding security activities. The first is to teach employees the fundamental value of data to other organizations, helping them understand the significance of their actions online.
1620 I Street, NW, Suite 500
Washington, DC 20006
1-866-H2O-ISAC (1-866-426-4722)
© 2025 WaterISAC. All Rights Reserved.
