Cybersecurity

Vulnerability Awareness: Palo Alto Firewalls Vulnerability and Guidance

Action may be required: Utilities using impacted PAN-OS firewalls, versions 10.2, 11.0, and 11.1 configured with GlobalProtect gateway or GlobalProtect portal (or both) and device telemetry enabled, are highly encouraged to review and address accordingly.

Over the weekend, Palo Alto Networks released workaround guidance for a command injection vulnerability (CVE-2024-3400) which affects PAN-OS versions 10.2, 11.0, and 11.1. Palo Alto Networks has reported active exploitation of this vulnerability in the wild. WaterISAC is sharing this for member awareness.

Read more about Vulnerability Awareness: Palo Alto Firewalls Vulnerability and Guidance

Passthrough – Joint Guidance on Deploying AI Systems Securely

Yesterday, the NSA’s Artificial Intelligence Security Center (NSA AISC) published the joint Cybersecurity Information Sheet (CSI) Deploying AI Systems Securely in collaboration with CISA, the FBI, and international partners from Australia, Canada, New Zealand, and the United Kingdom.

Read more about Passthrough – Joint Guidance on Deploying AI Systems Securely

CISA ICS Vulnerability Advisories and Alerts, Updates, and Bulletins – April 16, 2024

CISA ICS Vulnerability Advisories and Alerts, Updates, and Bulletins – April 16, 2024

The Cybersecurity and Infrastructure Security Agency (CISA) has published the following ICS vulnerability advisories, as well as alerts, updates, and bulletins:

ICS Vulnerability Advisories:

CISA Releases Four Industrial Control Systems Advisories

Read more about CISA ICS Vulnerability Advisories and Alerts, Updates, and Bulletins – April 16, 2024

Supplemental Cyber Highlights – April 11, 2024

The following posts are useful for general awareness of current cyber threats, vulnerabilities, guidance, and other cyber-related news or updates. These resources have been curated by the WaterISAC analyst team as items of broad relevance and benefit that do not need supplemental analysis at this time.

Critical Infrastructure

Read more about Supplemental Cyber Highlights – April 11, 2024

CISA Issues Emergency Directive 24-02: Mitigating the Significant Risk from Nation-State Compromise of Microsoft Corporate Email System

This afternoon, CISA issued Emergency Directive 24-02 to address the significant risk from nation-state compromise of Microsoft Corporate Email System. Due to this heightened concern, WaterISAC recommends members review the ED, remain vigilant, and act accordingly as it is believed that the email compromise extends beyond the federal government and may impact other critical entities and the broader ecosystem.

Read more about CISA Issues Emergency Directive 24-02: Mitigating the Significant Risk from Nation-State Compromise of Microsoft Corporate Email System

NSA Issues Guidance for Maturing Data Security

The National Security Agency (NSA) is issuing guidance for maturing data security and protecting access to data at rest and in transit. The recommendations in the Cybersecurity Information Sheet (CSI), “Advancing Zero Trust Maturity Throughout the Data Pillar,” are intended to ensure only those with authorization can access data. The capabilities outlined in the CSI integrate into a comprehensive Zero Trust (ZT) Framework.

Read more about NSA Issues Guidance for Maturing Data Security

(Update: April 11, 2024) Incident Awareness – EPA Investigating Alleged Data Breach

The EPA has disclosed that the recent data leak by threat actor USDoD appears to include “business contact information already available to the public.” It is unclear if this statement refers to only a portion of the data, or all of it. They said the information was previously released to provide the public “a comprehensive picture of environmental impacts.” No further details regarding the exposed information were provided by the EPA amid ongoing investigation.

Read more about (Update: April 11, 2024) Incident Awareness – EPA Investigating Alleged Data Breach

CISA ICS Vulnerability Advisories and Alerts, Updates, and Bulletins – April 11, 2024

CISA ICS Vulnerability Advisories and Alerts, Updates, and Bulletins – April 11, 2024

The Cybersecurity and Infrastructure Security Agency (CISA) has published the following ICS vulnerability advisories, as well as alerts, updates, and bulletins:

ICS Vulnerability Advisories:

CISA Releases Nine Industrial Control Systems Advisories

Read more about CISA ICS Vulnerability Advisories and Alerts, Updates, and Bulletins – April 11, 2024

Supplemental Cyber Highlights – April 9, 2024

Critical Infrastructure

Read more about Supplemental Cyber Highlights – April 9, 2024

Ransomware Awareness – What’s Influencing the Dip During Q1 2024?

Ransomware attacks increased substantially in 2023 showing a 55% increase in victims worldwide and reaching 5,070 cases. While Q4 2023 erupted with 1309 cases, Q1 2024 saw a 22% decrease. The Hacker News gives two main reasons for last quarter’s dip in ransomware cases.

Read more about Ransomware Awareness – What’s Influencing the Dip During Q1 2024?

You are here

Cybersecurity

Vulnerability Awareness: Palo Alto Firewalls Vulnerability and Guidance

Passthrough – Joint Guidance on Deploying AI Systems Securely

CISA ICS Vulnerability Advisories and Alerts, Updates, and Bulletins – April 16, 2024

Supplemental Cyber Highlights – April 11, 2024

CISA Issues Emergency Directive 24-02: Mitigating the Significant Risk from Nation-State Compromise of Microsoft Corporate Email System

NSA Issues Guidance for Maturing Data Security

(Update: April 11, 2024) Incident Awareness – EPA Investigating Alleged Data Breach

CISA ICS Vulnerability Advisories and Alerts, Updates, and Bulletins – April 11, 2024

Supplemental Cyber Highlights – April 9, 2024

Ransomware Awareness – What’s Influencing the Dip During Q1 2024?

Pages

You are here

Cybersecurity

Pages

Footer Email Signup