The U.K.’s National Cyber Security Center (NCSC) published a guidance highlighting how organizations can better secure their data in cloud environments. The NCSC emphasize its important to use a cloud provider that is secure by design and by default, and one where the provider helps your organization meet its security responsibilities.
Today, the Cybersecurity and Infrastructure Security Agency (CISA) and the FBI published a joint Cybersecurity Advisory (CSA) on Zeppelin ransomware, providing tactics, techniques, and procedures (TTPs) and indicators of compromise (IOCs) to help organizations defend against this threat. Zeppelin ransomware is a spinoff of the Delphi-based Vega malware family and operates as a Ransomware as a Service (RaaS). From 2019 through at least June 2022, attackers have used this malware to target a wide range of businesses and critical infrastructure entities.
The Cybersecurity and Infrastructure Security Agency (CISA) has published the following ICS vulnerability advisories, as well as alerts, updates, and bulletins:
ICS Vulnerability Advisories:
Last week, the Department of Homeland Security (DHS) warned that its Emergency Alert System (EAS), which the department uses to transmit emergency communications via TV and radio networks, could be exploited by a cyber threat actor to send out false emergency alerts.
The Cybersecurity and Infrastructure Security Agency (CISA) has published the following ICS vulnerability advisories, as well as alerts, updates, and bulletins:
ICS Vulnerability Advisories:
As Twilio recently learned, threat actors are able to breach internal corporate systems by stealing employee credentials through SMS phishing (smishing) attacks. The work-from-home paradigm notwithstanding as a potential contributing factor to smishing-based compromises, the incident demonstrates that organizations are not immune from smishing attacks targeting employee devices.
A new large-scale phishing campaign is employing a custom proxy-based phishing kit to bypass multi-factor authentication (MFA) and a variety of URL obfuscation techniques to circumvent email security software to steal credentials for Microsoft email accounts, according to security researchers at Zscaler. Notably, the campaign has targeted energy companies in the U.S., the U.K., New Zealand, and Australia. Researchers believe the goal of the campaign is to compromise corporate email accounts to carry out BEC (business email compromise) attacks.
Today, The Cybersecurity and Infrastructure Security Agency (CISA) and the Australian Cyber Security Centre (ACSC) released a joint Cybersecurity Advisory (CSA) providing details on the top malware strains observed in 2021. According to the report, “In 2021, the top malware strains included remote access Trojans (RATs), banking Trojans, information stealers, and ransomware.
The Cybersecurity and Infrastructure Security Agency (CISA) published a cybersecurity action plan and resource guide for small organizations that may not have the maturity or financial resources of larger firms. In the guide, CISA lays out an action plan informed by the way cyber attacks actually happen. According to CISA, “we break the tasks down by role, starting with the CEO. We then detail tasks for a Security Program Manager, and the Information Technology (IT) team.
The Cybersecurity and Infrastructure Security Agency (CISA) has published the following ICS vulnerability advisories, as well as alerts, updates, and bulletins:
ICS Vulnerability Advisories:
Alerts, Updates, and Bulletins:
1620 I Street, NW, Suite 500
Washington, DC 20006
1-866-H2O-ISAC (1-866-426-4722)
© 2025 WaterISAC. All Rights Reserved.
