Brand impersonation attacks, when adversaries attempt to mimic a website or domain of a well-known brand by using a similar domain name and webpage designed like the actual site, remain one of the most deceptive forms of phishing. A recent report from the email security company Vade identifies the top brands threat actors impersonated in brand phishing attacks in the first half of 2022.
Multiple security researchers have discovered that threat actors are increasingly employing malicious Internet Information Services (IIS) web server extensions to backdoor unpatched Exchange servers. These malicious IIS extensions provide adversaries with a durable persistence tool and are harder to detect than web shells with traditional security tools “since they mainly reside in the same directories as legitimate modules used by target applications,” according to Microsoft.
After the Redmond giant’s decision to turn macros off, then on again, and now finally back off, it seems threat actors have already adopted alternative attack vectors to infect victims with malicious attachments.
The Cybersecurity and Infrastructure Security Agency (CISA) has published the following ICS vulnerability advisories, as well as alerts, updates, and bulletins:
ICS Vulnerability Advisories:
Typically, people think of cyber attacks occurring on their personal or work computers. However, mobile smartphones, which many people use for banking, business communications, and other sensitive activities, are also prime targets for cyber threat actors. Consequently, some of the top threats to Android and Apple smartphones include, but are not limited to, phishing and more specifically smishing (SMS text phishing), SIM hijacking, spyware, financial malware, open Wi-Fi, and ransomware.
The Cybersecurity and Infrastructure Security Agency (CISA) has shared a security advisory from the software company Atlassian urging users of the Confluence application to apply the necessary updates to address a critical security vulnerability. Attackers could exploit this vulnerability to acquire sensitive information from users of the Confluence app. Atlassian reports that the vulnerability is likely to be exploited in the wild now that the hardcoded password is publicly known. Many organizations utilize Confluence for project management and for collaboration between remote workers.
The Cybersecurity and Infrastructure Security Agency (CISA) has published the following ICS vulnerability advisories, as well as alerts, updates, and bulletins:
ICS Vulnerability Advisories:
The Cybersecurity and Infrastructure Security Agency (CISA) has published the following ICS vulnerability advisories, as well as alerts, updates, and bulletins:
ICS Vulnerability Advisories:
This week, the Cybersecurity and Infrastructure Security Agency (CISA) released a security advisory detailing six vulnerabilities that were detected in MiCODUS MV720 Global Positioning System (GPS) Tracker. Successful exploitation of these vulnerabilities could allow threat actors to gain control over any MV720 GPS tracker, granting access to vehicle location, routes, fuel cutoff commands, and the disarming of various features such as alarms, according to CISA. These devices are present in vehicles used by businesses and governments across the world.
EPA recently published a Bipartisan Infrastructure Law Resources for Drinking Water webpage, which highlights resources designed to help states and water systems with the implementation of the Bipartisan Infrastructure Law (BIL) that was enacted late last year.
1620 I Street, NW, Suite 500
Washington, DC 20006
1-866-H2O-ISAC (1-866-426-4722)
© 2025 WaterISAC. All Rights Reserved.
