
Cybersecurity

Ransomware Resilience – Dearth of Ransomware Incident Reporting Hinders Defense Efforts

According to a senior official at the Cybersecurity and Infrastructure Security Agency (CISA), the serious dearth of ransomware incident reporting in the U.S. is hindering efforts by the government to protect organizations. Likewise, lack of reporting is making it harder for the government to take retaliatory actions against these threat actors.

Joint Cybersecurity Advisory - People’s Republic of China State-Sponsored Cyber Actors Exploit Network Providers and Devices

The Cybersecurity and Infrastructure Security Agency (CISA), along with the FBI and the National Security Agency (NSA), has published a joint Cybersecurity Advisory (CSA) describing the ways in which People’s Republic of China (PRC) state-sponsored cyber actors continue to exploit publicly known vulnerabilities in order to establish a broad network of compromised infrastructure. The advisory describes the targeting and compromise of major telecommunications companies and network service providers and the top vulnerabilities routinely exploited by threat actors since 2020.

Vulnerability Awareness - Atlassian Releases New Versions of Confluence Server and Data Center to Address CVE-2022-26134

Atlassian has released new Confluence Server and Data Center versions to address remote code execution vulnerability CVE-2022-26134 affecting these products. An unauthenticated remote attacker could exploit this vulnerability to execute code remotely, create new admin accounts, and conduct other malicious activity such as deploying ransomware. Last Friday, a proof-of-concept exploit for the Atlassian Confluence vulnerability was publicly posted.

More Than a Password - Multi-Factor Authentication

The Cybersecurity and Infrastructure Security Agency (CISA) is urging all organizations to implement multi-factor authentication (MFA) to increase their cyber defenses. Today, more and more threat actors are compromising entities and defrauding individuals via stolen passwords. That is why implementing more than just a password to guard access to your devices and networks is critical. Indeed, the MFA webpage states that “adversaries are increasingly capable of phishing or harvesting passwords to gain unauthorized access. They take advantage of passwords you reused on other systems.

Proofpoint Human Factor 2022 Report

The cybersecurity firm Proofpoint just released its 2022 edition of the Human Factor Report, which focuses on the lures and techniques that threat actors use to fool individuals into performing a certain activity and compromising an organization’s cyber defenses. Among many other findings, the report details how threats emanating from email continue to plague organizations. Specifically, it covers the difference between email attacks containing malicious attachments and those containing malicious links: email attacks containing malicious links were three to four times more common than attachment-based attacks.

FBI PSA - FBI Warns of Scammers Soliciting Donations Related to the Crisis in Ukraine

The FBI has published a Public Service Announcement (PSA) warning the public of fraudulent schemes seeking donations or other financial assistance related to the war in Ukraine. According to the PSA, “criminal actors are taking advantage of the crisis in Ukraine by posing as Ukrainian entities needing humanitarian aid or developing fundraising efforts, including monetary and cryptocurrency donations.” Taking advantage of crises to scam unwitting individuals is nothing new, but it's important to be aware of these schemes as fraudsters develop more sophisticated scams to steal money.

Threat Awareness - EnemyBot Incorporates Exploits for Critical VMware and F5 BIG-IP Vulnerabilities

The EnemyBot botnet continues to add critical vulnerabilities to its capabilities. Specifically, researchers observed that the botnet has added the recently disclosed VMware and F5 BIG-IP CVEs. EnemyBot is a botnet that was first discovered in March and is primarily being used to conduct distributed denial-of-service (DDoS) attacks and infect new devices.
