During a speech at Vanderbilt University, FBI Director Christopher Wray drew more attention to the threat from Chinese hacking operations on U.S. critical infrastructure and warned that the situation has become even more urgent. See WaterISAC’s previous coverage of the preeminent cyber threat posed by the PRC.
The following posts are useful for general awareness of current cyber threats, vulnerabilities, guidance, and other cyber-related news or updates. These resources have been curated by the WaterISAC analyst team as items of broad relevance and benefit that do not need supplemental analysis at this time.
Critical Infrastructure
CISA ICS Vulnerability Advisories and Alerts, Updates, and Bulletins – April 23, 2024
The Cybersecurity and Infrastructure Security Agency (CISA) has published the following ICS vulnerability advisories, as well as alerts, updates, and bulletins:
ICS Vulnerability Advisories:
Note: This joint Cybersecurity Advisory (CSA) is part of an ongoing #StopRansomware effort to publish advisories for network defenders that detail various ransomware variants and ransomware threat actors. These #StopRansomware advisories include recently and historically observed tactics, techniques, and procedures (TTPs) and indicators of compromise (IOCs) to help organizations protect against ransomware.
A significant security threat to any organization is the continual presence of spam in our inboxes. It’s one easy way for an attacker to literally plant seemingly harmless information into the minds of personnel, and then prey on their natural human tendencies. In a corporate inbox, spam can pose a serious security threat.
A global increase in brute-force attacks has been identified against a variety of targets which include VPN services, web application authentication interfaces, and SSH services since at least March 18, 2024. Cisco Talos is actively monitoring the increase in attacks and is providing details on affected services.
The following posts are useful for general awareness of current cyber threats, vulnerabilities, guidance, and other cyber-related news or updates. These resources have been curated by the WaterISAC analyst team as items of broad relevance and benefit that do not need supplemental analysis at this time.
Critical Infrastructure
CISA ICS Vulnerability Advisories and Alerts, Updates, and Bulletins – April 18, 2024
The Cybersecurity and Infrastructure Security Agency (CISA) has published the following ICS vulnerability advisories, as well as alerts, updates, and bulletins:
ICS Vulnerability Advisories:
As social engineering techniques continue to proliferate, it is still important to continually remind family, friends, and colleagues of the common themes that are designed to trick us into falling for cyber scams. As such, the FBI recently issued a public service announcement to inform individuals and businesses about current social engineering techniques, including:
The following posts are useful for general awareness of current cyber threats, vulnerabilities, guidance, and other cyber-related news or updates. These resources have been curated by the WaterISAC analyst team as items of broad relevance and benefit that do not need supplemental analysis at this time.
Critical Infrastructure
1620 I Street, NW, Suite 500
Washington, DC 20006
1-866-H2O-ISAC (1-866-426-4722)
© 2025 WaterISAC. All Rights Reserved.
