CSO Online posted an article discussing what potential purchasers of cyber insurance should be aware of in the new year. As the number of companies reporting attacks to insurers increases, so have the requirements for the purchase or renewal of policies. There are two broad trends impacting cyber insurance: insurers requiring a stronger security posture from organizations and the increasing cost of insurance.
Does cyber resilience keep you up at night? How confident are you in defending your utility’s cyber resilience status? Cisco’s newest Security Outcomes Report - Volume 3 may help as it explores seven success factors for boosting cyber resilience. In developing the report, Cisco asked 4,700 practitioners across 26 countries what security resilience means to them, what they’re doing successfully to achieve it, and what they’re struggling with.
According to a recent report by Accenture, the successful combination of stolen credentials and social engineering tactics to breach networks is increasing the demand for information stealers on the Dark Web. Specifically, Accenture notes a marked increase in the number of Dark Web advertisements for new information stealer malware variants. The report also discusses how the success of MFA fatigue attacks has contributed to this increased demand.
Sophos has written a blog post detailing six best practices from an updated version of its report on endpoint-related best practices for protecting against ransomware. The best practices include: turning on all policies and features of an endpoint, regularly reviewing the endpoint’s exclusions, enabling multi-factor authentication, ensuring endpoints are up-to-date and protected, maintaining general IT hygiene, and proactively hunting for adversaries within your network.
The Cybersecurity and Infrastructure Security Agency (CISA) has published the following ICS vulnerability advisories, as well as alerts, updates, and bulletins:
ICS Vulnerability Advisories:
Alerts, Updates, and Bulletins:
Today, the Cybersecurity and Infrastructure Security Agency (CISA) and the FBI published a joint Cybersecurity Advisory (CSA) #StopRansomware: Cuba Ransomware to provide network defenders tactics, techniques, and procedures (TTPs) and indicators of compromise (IOCs) associated with Cuba ransomware threat actors.
Despite all the attention on ransomware, business email compromise (BEC) attacks remain the most financially impacting cyber threat facing the private sector. According to FBI data, in 2021 BEC attacks were responsible for the loss of $2.4 billion, in comparison to a loss of $49.2 million to ransomware attacks.
The Cybersecurity and Infrastructure Security Agency (CISA) has published the following ICS vulnerability advisories, as well as alerts, updates, and bulletins:
ICS Vulnerability Advisories:
Alerts, Updates, and Bulletins:
According to the BBC, South Staffordshire PLC, the parent company of South Staffs Water and Cambridge Water, said it discovered its ransomware attackers (Cl0p/Clop) may have exfiltrated and potentially leaked bank details of its customers, although how many customers is currently unknown.
Last week, security researchers warned that the Black Basta ransomware gang is utilizing Qakbot malware as part of an aggressive and widespread campaign targeting U.S.-based organizations. Black Basta ransomware first became operational in April 2022 and since then it has become one of the most prolific Ransomware-as-a-Service (RaaS) groups.
1620 I Street, NW, Suite 500
Washington, DC 20006
1-866-H2O-ISAC (1-866-426-4722)
© 2025 WaterISAC. All Rights Reserved.
