Cybersecurity

What To Do When Receiving Unprompted MFA OTP Codes

As more sites and services offer and require multi-factor authentication (MFA), cyber threat actors have turned to various methods to bypass this additional protection. From these attempts, actual account holders may receive unprompted one-time passcodes (OTPs). Receiving an OTP sent as an email or text should be a cause for concern as it likely means the account holder's credentials have been stolen, but there are steps to take to stop the activity in its tracks.

Read more about What To Do When Receiving Unprompted MFA OTP Codes

NSA Releases Recommendations to Mitigate Software Supply Chain Risks

In response to an increase in cyber attacks to supply chains over the past five years, including targeted attacks of software supply chains, the National Security Agency (NSA) published a new Cybersecurity Information Sheet (CSI), “Recommendations for Software Bill of Materials (SBOM) Management.” This CSI provides network owners and operators with guidance for incorporating SBOM use to help protect the cybersecurity supply chain.

Read more about NSA Releases Recommendations to Mitigate Software Supply Chain Risks

Joint Cybersecurity Advisory – #StopRansomware: Play Ransomware

Yesterday, CISA, the FBI, and the Australian Cyber Security Centre (ACSC) released a joint Cybersecurity Advisory (CSA), “#StopRansomware: Play Ransomware,” to disseminate Play ransomware group’s tactics, techniques, and procedures (TTPs) and indicators of compromise (IOCs) identified through FBI investigations as recently as October 2023.

Read more about Joint Cybersecurity Advisory – #StopRansomware: Play Ransomware

Supplemental Cyber Highlights – December 19, 2023

The following posts are useful for general awareness of current threats, vulnerabilities, guidance, and other cyber-related news or updates. These resources have been curated by the WaterISAC analyst team as items of broad relevance and benefit that do not need supplemental analysis at this time.

Critical Infrastructure Resilience

Read more about Supplemental Cyber Highlights – December 19, 2023

Joint Cybersecurity Advisory – Russian Foreign Intelligence Service (SVR) Exploiting JetBrains TeamCity CVE Globally

Yesterday, CISA, along with the FBI, the National Security Agency (NSA), and several international partners released a joint Cybersecurity Advisory (CSA), “Russian Foreign Intelligence Service (SVR) Exploiting JetBrains TeamCity CVE Globally,” to warn that Russian threat actors are exploiting CVE-2023-42793 at a large scale, targeting servers hosting JetBrains TeamCity software.

Read more about Joint Cybersecurity Advisory – Russian Foreign Intelligence Service (SVR) Exploiting JetBrains TeamCity CVE Globally

Microsoft and Cyberspace Solarium Commission Address Urgent Water Infrastructure Cybersecurity Threats with Multistakeholder Solutions

Microsoft and the Cyberspace Solarium Commission 2.0 (CSC) have released a report addressing the growing threat to water and wastewater infrastructure cybersecurity.

Read more about Microsoft and Cyberspace Solarium Commission Address Urgent Water Infrastructure Cybersecurity Threats with Multistakeholder Solutions

People's Republic of China State-Sponsored Cyber Actor Volt Typhoon (Updated December 14, 2023)

December 14, 2023

The U.S. cybersecurity landscape faces a critical challenge with the emergence of a highly resilient botnet operated by the China state-sponsored threat actor labeled Volt Typhoon. This botnet has ingeniously repurposed end of life Small Office/Home Office (SOHO) routers from Cisco, Netgear, and Fortinet, and set up a Tor-like covert data transfer network to perform malicious operations.

Read more about People's Republic of China State-Sponsored Cyber Actor Volt Typhoon (Updated December 14, 2023)

Joint Cybersecurity Advisory - Karakurt Data Extortion Group (Updated December 14, 2023)

December 14, 2023

CISA has added language about Cisco VPNs being a possible initial access vector to the alert. Given the widespread use of Cisco products, WaterISAC is sharing this for situational awareness purposes.

June 2, 2022

Read more about Joint Cybersecurity Advisory - Karakurt Data Extortion Group (Updated December 14, 2023)

Supplemental Cyber Highlights – December 14, 2023

Critical Infrastructure

Read more about Supplemental Cyber Highlights – December 14, 2023

CISA ICS Vulnerability Advisories and Alerts, Updates, and Bulletins – December 14, 2023

The Cybersecurity and Infrastructure Security Agency (CISA) has published the following ICS vulnerability advisories, as well as alerts, updates, and bulletins:

ICS Vulnerability Advisories:

CISA Releases Seventeen Industrial Control Systems Advisories

Read more about CISA ICS Vulnerability Advisories and Alerts, Updates, and Bulletins – December 14, 2023

You are here

Cybersecurity

What To Do When Receiving Unprompted MFA OTP Codes

NSA Releases Recommendations to Mitigate Software Supply Chain Risks

Joint Cybersecurity Advisory – #StopRansomware: Play Ransomware

Supplemental Cyber Highlights – December 19, 2023

Joint Cybersecurity Advisory – Russian Foreign Intelligence Service (SVR) Exploiting JetBrains TeamCity CVE Globally

Microsoft and Cyberspace Solarium Commission Address Urgent Water Infrastructure Cybersecurity Threats with Multistakeholder Solutions

People's Republic of China State-Sponsored Cyber Actor Volt Typhoon (Updated December 14, 2023)

Joint Cybersecurity Advisory - Karakurt Data Extortion Group (Updated December 14, 2023)

Supplemental Cyber Highlights – December 14, 2023

CISA ICS Vulnerability Advisories and Alerts, Updates, and Bulletins – December 14, 2023

Pages

You are here

Cybersecurity

Pages

Footer Email Signup