Most Advanced Persistent Threat (APT) groups are not focused on the size of an organization, but whether an organization can help them achieve their objective. That objective might be espionage or sabotage and it’s the significance of the organization toward accomplishing the objective, not the size, that matters. As a matter of fact, APT groups often leverage smaller targets such as supply chain partners or vendors as an entry point to larger attacks.
2021 experienced several significant cyber attacks and incidents, many of which may have been prevented by practicing a few basic cybersecurity best practices. Thus, in the spirit of New Year’s resolutions, cybersecurity firm ESET drafted a list of ten cybersecurity bad practices to break for 2022. This list is reminiscent of the Bad Practices Catalog that CISA started last year and includes common bad habits to break such as using outdated software, poor password hygiene, and not thinking before clicking.
The Cybersecurity and Infrastructure Security Agency (CISA) has published the following ICS vulnerability advisories, as well as alerts, updates, and bulletins:
ICS Vulnerability Advisories:
Alerts, Updates, and Bulletins:
With the holiday season upon us and many taking time off or otherwise distracted, it’s important to remember to be vigilant for cyber scams designed to leverage the “most happiest time of the year.” Therefore, WaterISAC continues sharing posts on awareness of various holiday scams.
Amid the holiday season and COVID-19 activity, threat actors are continuing to use phishing themes designed to elicit an emotional response to get users to click before they think. To increase members’ situational awareness, WaterISAC is highlighting three current phishing campaigns.
The Cybersecurity and Infrastructure Security Agency (CISA) has published the following ICS vulnerability advisories, as well as alerts, updates, and bulletins:
ICS Vulnerability Advisories:
Alerts, Updates, and Bulletins:
The scourge of ransomware endures as criminals continue to find new ways to exploit and compromise systems and networks for their financial gain. WaterISAC is highlighting the most prolific and noteworthy ransomware groups this holiday season for members’ security awareness.
Many organizations rely upon Remote Desktop Protocol (RDP) software for connecting to remote systems. However, the widespread adoption of RDP software has significantly increased the attack surface for threat actors to exploit, because there are multiple security flaws with RDP. One particular security issue with RDP is known as “BlueKeep.” This RDP vulnerability, tracked as CVE-2019-0708, occurs pre-authentication and requires no user input.
The Cybersecurity and Infrastructure Security Agency (CISA) has published the following ICS vulnerability advisories, as well as alerts, updates, and bulletins:
ICS Vulnerability Advisories:
The FBI has published a TLP:WHITE FLASH examining the activities of an APT group exploiting a zero-day on ManageEngine Desktop Central servers.
1620 I Street, NW, Suite 500
Washington, DC 20006
1-866-H2O-ISAC (1-866-426-4722)
© 2025 WaterISAC. All Rights Reserved.
