Cybersecurity

Security Awareness – Another Phishing Campaign Leveraging Dropbox

Recent analysis from Darktrace has emphasized the importance of reminding users that malicious emails often look like they are sent from legitimate sources. In this case, a recent phishing campaign leveraged legitimate Dropbox infrastructure and bypassed multifactor authentication (MFA) allowing attackers to access sensitive information. Slightly more surprising than usual, these attackers sent reminder emails to the victims to access the previously shared pdf.

Read more about Security Awareness – Another Phishing Campaign Leveraging Dropbox

Threat Awareness – Microsoft: Russians Believed to have Accessed Company Secrets and Source Code

In an announcement made Friday on its company blog, Microsoft shared an update regarding the nation-state attack that the Microsoft Security Team detected on January, 12. As was shared then, this was an attack by the Russian SVR state-sponsored group that Microsoft tracks as Midnight Blizzard (also known as APT29, NOBELIUM, CozyBear, and UNC452) which was focused on Microsoft’s corporate email systems.

Read more about Threat Awareness – Microsoft: Russians Believed to have Accessed Company Secrets and Source Code

CISA ICS Vulnerability Advisories and Alerts, Updates, and Bulletins – March 12, 2024

CISA ICS Vulnerability Advisories and Alerts, Updates, and Bulletins – March 12, 2024

The Cybersecurity and Infrastructure Security Agency (CISA) has published the following ICS vulnerability advisories, as well as alerts, updates, and bulletins:

ICS Vulnerability Advisories:

CISA Releases One Industrial Control Systems Advisory

Read more about CISA ICS Vulnerability Advisories and Alerts, Updates, and Bulletins – March 12, 2024

Supplemental Cyber Highlights – March 7, 2024

The following posts are useful for general awareness of current cyber threats, vulnerabilities, guidance, and other cyber-related news or updates. These resources have been curated by the WaterISAC analyst team as items of broad relevance and benefit that do not need supplemental analysis at this time.

Critical Infrastructure

Read more about Supplemental Cyber Highlights – March 7, 2024

Threat Awareness – Fake Online Meeting Applications Used to Distribute Windows RATs

Threat actors have been observed using fake Zoom and Google Meet invites to distribute remote access trojans (RATs) to users of Windows devices. The attackers have created false websites that impersonate both Zoom and Google Meet to lure and deceive victims into unknowingly downloading RATs.

Read more about Threat Awareness – Fake Online Meeting Applications Used to Distribute Windows RATs

Report: FBI’s IC3 Releases 2023 Internet Crime Report

The FBI’s Internet Crime Complaint Center (IC3) released its 2023 Internet Crime Report. The report tracked complaints from over 880,000 sources and a record number of potential losses exceeding $12.5 billion. This represents a nearly 10% increase in complaints received and a 22% increase in losses suffered, compared to the previous year. Investment scams were the costliest type of online crime tracked by IC3, which rose by 38% and totaled $4.57 billion.

Read more about Report: FBI’s IC3 Releases 2023 Internet Crime Report

Passthrough: CISA and NSA Release Cybersecurity Information Sheets - Advancing Zero Trust Maturity and Cloud Security Best Practices

CISA and the NSA released five joint Cybersecurity Information Sheets (CSIs) to provide organizations with recommended best practices and/or mitigations to improve the security of their cloud environment(s).

Read more about Passthrough: CISA and NSA Release Cybersecurity Information Sheets - Advancing Zero Trust Maturity and Cloud Security Best Practices

CISA ICS Vulnerability Advisories and Alerts, Updates, and Bulletins – March 7, 2024

CISA ICS Vulnerability Advisories and Alerts, Updates, and Bulletins – March 7, 2024

The Cybersecurity and Infrastructure Security Agency (CISA) has published the following ICS vulnerability advisories, as well as alerts, updates, and bulletins:

ICS Vulnerability Advisories:

CISA Releases One Industrial Control Systems Advisory

Read more about CISA ICS Vulnerability Advisories and Alerts, Updates, and Bulletins – March 7, 2024

Supplemental Cyber Highlights – March 5, 2024

Critical Infrastructure

Read more about Supplemental Cyber Highlights – March 5, 2024

Ransomware Incident Awareness – Timeline of Events in Fulton County Incident and Main Takeaways for Utilities

Fulton County, the largest county in Georgia, is still recovering from its January cyber incident. LockBit, the ransomware gang that took credit for the attack, posted a timer on its criminal website demanding payment – all this despite having its criminal infrastructure disrupted by the FBI in late February.

Read more about Ransomware Incident Awareness – Timeline of Events in Fulton County Incident and Main Takeaways for Utilities

You are here

Cybersecurity

Security Awareness – Another Phishing Campaign Leveraging Dropbox

Threat Awareness – Microsoft: Russians Believed to have Accessed Company Secrets and Source Code

CISA ICS Vulnerability Advisories and Alerts, Updates, and Bulletins – March 12, 2024

Supplemental Cyber Highlights – March 7, 2024

Threat Awareness – Fake Online Meeting Applications Used to Distribute Windows RATs

Report: FBI’s IC3 Releases 2023 Internet Crime Report

Passthrough: CISA and NSA Release Cybersecurity Information Sheets - Advancing Zero Trust Maturity and Cloud Security Best Practices

CISA ICS Vulnerability Advisories and Alerts, Updates, and Bulletins – March 7, 2024

Supplemental Cyber Highlights – March 5, 2024

Ransomware Incident Awareness – Timeline of Events in Fulton County Incident and Main Takeaways for Utilities

Pages

You are here

Cybersecurity

Pages

Footer Email Signup