This week, the White House launched the U.S. Cyber Trust Mark, an initiative allowing consumers of internet-connected devices to verify if these devices are secure. The FCC decided in a bipartisan and unanimous vote to authorize the U.S. Cyber Trust Mark and adopt final rules for the official label that will be applied to certified products.
Yesterday, Ivanti released security updates for two vulnerabilities affecting multiple products, including Ivanti Connect Secure, Ivanti Policy Secure, and Ivanti Neurons for Zero Trust Access (ZTA) gateway.
The extent of the Salt Typhoon Campaign targeting telecommunications continues to unfold as additional communications companies have been allegedly breached. Charter Communications, Consolidated Communications, and Windstream have all been reportedly breached by the Chinese attackers. Ann Neuberger, White House deputy national security adviser for cyber and emerging technologies, said that nine U.S.
Over the weekend, industrial networking communications provider Moxa sent a security advisory warning of two high-severity vulnerabilities that impact various models of its cellular routers, secure routers, and network security appliances.
The following posts are useful for general awareness of current cyber threats, vulnerabilities, guidance, and other cyber-related news or updates. These resources have been curated by the WaterISAC analyst team as items of broad relevance and benefit that do not need supplemental analysis at this time.
Critical Infrastructure Resilience
The Cybersecurity and Infrastructure Security Agency (CISA) has published the following ICS security advisories, along with additional alerts, updates, and bulletins:
ICS Advisories:
Barracuda Networks recently analyzed the threats facing the water and wastewater sector and highlighted a number of challenges for U.S. water and wastewater utilities. Based on previous and recent EPA reporting, Barracuda assessed that a significant number of the 152,000 public drinking water systems in the U.S.
A recent report from cybersecurity company VulnCheck has revealed a significant vulnerability (CVE-2024-12856) affecting thousands of Chinese Four-Faith routers. The flaw allows attackers to exploit default credentials in the F3x24 and F3x36 router models to remotely inject commands into the operating system.
The following posts are useful for general awareness of current cyber threats, vulnerabilities, guidance, and other cyber-related news or updates. These resources have been curated by the WaterISAC analyst team as items of broad relevance and benefit that do not need supplemental analysis at this time.
Critical Infrastructure Resilience & ICS Vulnerability Management
The Cybersecurity and Infrastructure Security Agency (CISA) has published the following ICS security advisories, along with additional alerts, updates, and bulletins:
ICS Advisories:
Additional Alerts, Updates, and Bulletins
1620 I Street, NW, Suite 500
Washington, DC 20006
1-866-H2O-ISAC (1-866-426-4722)
© 2025 WaterISAC. All Rights Reserved.
