The Cybersecurity and Infrastructure Security Agency (CISA) has published the following ICS vulnerability advisories, as well as alerts, updates, and bulletins:
ICS Vulnerability Advisories:
CISA Releases Nine Industrial Control Systems Advisories (July 13, 2023)
Help Net Security has written an article discussing the consequences of the service-oriented ransomware industry’s growth. Due to the intense profitability of the industry, criminals have reproduced a legal economy with major ransomware groups using third parties and subcontractors while offering a menu of services to criminal consumers.
The Cybersecurity and Infrastructure Security Agency (CISA) and Federal Bureau of Investigation (FBI) released a joint Cybersecurity Advisory (CSA), Enhanced Monitoring to Detect APT Activity Targeting Outlook Online, to provide guidance to agencies and critical infrastructure organizations on enhancing monitoring in Microsoft Exchange Online environments.
The Cybersecurity and Infrastructure Security Agency (CISA) has published the following ICS vulnerability advisories, as well as alerts, updates, and bulletins:
ICS Vulnerability Advisories:
Despite growing awareness of the threat from phishing emails and greater adoption of multifactor authentication (MFA), threat actors are still successfully compromising firms via phishing attacks and breaching MFA protections with phishing toolkits. To help bring greater awareness to this activity, Proofpoint recently published a blog detailing how network defenders can help mitigate this threat.
The following posts are useful for general awareness of current threats, vulnerabilities, guidance, and other cyber-related news or updates. These resources have been curated by the WaterISAC analyst team as items of broad relevance and benefit that do not need supplemental analysis at this time.
Incidents, Threats, and Vulnerabilities
Trend Micro has posted a blog analyzing variants from a ransomware strain titled “Big Head,” which has the novel capability of hiding its encryption of a victim’s files with a fake Windows update alert. Researchers describe how, after running a series of checks, these Big Head variants post a screen that looks remarkably similar to what is seen when Windows is applying an update, before posting the actual ransom note once the encryption is complete.
Huntress posted a blog discussing its research into the recent spate of MOVEit vulnerabilities, including a previous zero day (CVE-2023-34362) and how criminal groups have been utilizing it in their operations.
Dragos joins WaterISAC’s list of Champions. Dragos protects operational technology (OT) in critical infrastructure from adversaries who wish to do harm. Dragos provides industrial defenders around the globe with technology, threat intelligence, and services to protect against cyber threats and challenges.
The Cybersecurity and Infrastructure Security Agency (CISA) has published the following ICS vulnerability advisories, as well as alerts, updates, and bulletins:
ICS Vulnerability Advisories:
CISA Releases Three Industrial Control Systems Advisories
Products are used across multiple sectors, please check these latest advisories for specific equipment used across your ICS environments and address accordingly.
1620 I Street, NW, Suite 500
Washington, DC 20006
1-866-H2O-ISAC (1-866-426-4722)
© 2025 WaterISAC. All Rights Reserved.
