The Cybersecurity and Infrastructure Security Agency (CISA) has published the following ICS vulnerability advisories, as well as alerts, updates, and bulletins:
ICS Vulnerability Advisories:
Last week, researchers began noticing at least one ransomware group attempting to “up” the data extortion game. Researchers at Cyderes and Stairwell observed a BlackCat/ALPHV sample attempting to corrupt files within the victim’s environment rather than encrypting them and then staging the files for destruction. The data destruction functionality is being linked to Exmatter, a tool that has previously been associated with BlackMatter.
The U.K.’s National Cyber Security Center (NCSC) recently published guidance highlighting how organizations can strengthen access and identity management security by implementing additional authentication methods beyond just using passwords.
Credential stuffing attacks became so pervasive in the first quarter of 2022, that the malicious traffic surpassed that of legitimate login attempts from normal users in some countries, according to security researchers at Okta.
Yesterday, the Cybersecurity and Infrastructure Security Agency (CISA) and the FBI published a joint Cybersecurity Advisory (CSA) with technical details on cyber activity by Iranian state-sponsored threat actors that launched a destructive cyberattack against the government of Albania. Members are encouraged to review this advisory for greater understanding of adversary capabilities and behaviors and for recommended mitigations to protect systems from similar threats – irrespective of threat group or victimology.
The Cybersecurity and Infrastructure Security Agency (CISA) has published the following ICS vulnerability advisories, as well as alerts, updates, and bulletins:
ICS Vulnerability Advisories:
The infamous Emotet botnet is now being used by attackers to deliver Quantum and BlackCat ransomware, based on a report by the cybersecurity firm AdvIntel. Emotet is a very common malware and AdvIntel has observed 1,267,598 total Emotet infections worldwide during the first nine months of 2022. Emotet typically propagates via email phishing campaigns and often hijacks email threads.
Last week, the Department of Homeland Security (DHS) announced a first-of-its-kind cybersecurity grant program specifically for state, local, and territorial (SLT) governments across the country. This State and Local Cybersecurity Grant Program, made possible by President Biden’s Bipartisan Infrastructure Law, provides $1 billion in funding to SLT partners over four years, with $185 million available for FY22, to support SLT efforts to address cyber risk to their information systems.
Threat actors are exploiting Microsoft Edge’s News Feed to conduct a malvertising campaign by injecting online advertisements and redirecting potential victims to websites pushing tech support scams, according to security researchers at Malwarebytes. This campaign has been ongoing for at least two months and is currently one of the most extensive operations based on the amount of telemetry noise.
The Cybersecurity and Infrastructure Security Agency (CISA) recently released its first, comprehensive Strategic Plan, intended to guide its efforts over the next three years. CISA notes the Strategic Plan focuses on how the agency and its partners will collectively reduce risk and build resilience to cyber and physical threats to the nation’s infrastructure.
1620 I Street, NW, Suite 500
Washington, DC 20006
1-866-H2O-ISAC (1-866-426-4722)
© 2025 WaterISAC. All Rights Reserved.
