The Cybersecurity and Infrastructure Security Agency (CISA) has published the following ICS vulnerability advisories, as well as alerts, updates, and bulletins:
ICS Vulnerability Advisories:
Threat actors are exploiting the death of Queen Elizabeth II in brand impersonation phishing attacks to steal victims’ Microsoft account credentials, according to security researchers at Proofpoint. The phishing email purports to be from Microsoft and invites recipients to an “artificial technology hub” in the Queen’s honor. The social engineering tactic includes baiting the recipient to open the link so they can sign an online memory board in honor of the Queen.
The Australian Cyber Security Centre (ACSC) recently released an updated version of its Information Security Manual (ISM). The purpose of the ISM is to outline a cybersecurity framework that organizations can apply, using a risk management framework to protect information and systems from cyber threats. The ISM is intended for both executives and network defenders.
Yesterday, the Cybersecurity and Infrastructure Security Agency (CISA), the FBI, the National Security Agency (NSA), U.S. Cyber Command Cyber National Mission Force, the U.S. Department of the Treasury, the Australian Cyber Security Centre (ACSC), the Canadian Centre for Cyber Security (CCCS), and the United Kingdom’s National Cyber Security Centre (NCSC) published a joint Cybersecurity Advisory (CSA) to highlight continued malicious cyber activity by advanced persistent threat (APT) actors affiliated with the Iranian Government’s Islamic Revolutionary Guard Corps (IRGC).
The Cybersecurity and Infrastructure Security Agency (CISA) has published the following ICS vulnerability advisories, as well as alerts, updates, and bulletins:
ICS Vulnerability Advisories:
Business email compromise (BEC) and vendor email compromise (VEC) are accurately and often discussed as impersonation-style cyber attacks where threat actors purport to be someone we have an existing trust relationship with. The intent of this ruse is to give phishing ploys a level of credibility to increase the chance of success. Some impersonation-style attacks are little more than amateurs attempting to spoof a trusted sender.
The Cybersecurity and Infrastructure Security Agency (CISA) has published the following ICS vulnerability advisories, as well as alerts, updates, and bulletins:
ICS Vulnerability Advisories:
Threat Actors could exploit GIFs in Microsoft Teams to conduct phishing attacks, exfiltrate data, bypass security controls, and perform command execution via a novel attack technique dubbed “GIFShell.” The new attack technique chains together multiple security vulnerabilities in Microsoft Teams to compromise potential victims.
An increasing number of ransomware gangs are embracing a new tactic that allows them to encrypt their victims' systems faster while reducing the odds of being detected, according to a new report from SentinelLabs. This tactic is known as intermittent encryption and involves encrypting only portions of the targeted files' content, which still renders the data unrecoverable without a valid decryptor+key.
The North Korean sponsored advanced persistent threat (APT) Lazarus Group has been targeting energy providers across the world since February 2022 and employing new malware in their attacks, according to security researchers at Cisco Talos. Lazarus Group threat actors gain initial access via the exploitation of the Log4j vulnerability on exposed VMware Horizon servers. After gaining initial access, the attackers establish persistence on the victim networks’, conduct lateral movement, and deploy malware.
1620 I Street, NW, Suite 500
Washington, DC 20006
1-866-H2O-ISAC (1-866-426-4722)
© 2025 WaterISAC. All Rights Reserved.
