The Cybersecurity and Infrastructure Security Agency (CISA) has published the following ICS vulnerability advisories, as well as alerts, updates, and bulletins:
ICS Vulnerability Advisories:
Alerts, Updates, and Bulletins:
We often train users about email-based phishing and common signs of an impersonated or fraudulent email address.
The COVID-19 pandemic and the resultant mass movement to remote work significantly accelerated the development toward a more distributed and fragmented network infrastructure. This paradigm reinforced the need to implement stricter security controls around user and device access.
Attention: Members who use VMware vCenter Server within their environments are encouraged to review available advisories, address accordingly, and apply the necessary updates for impacted systems. Active scanning has been specifically observed for CVE-2021-22005. On September 21, 2021, CISA posted current activity report, VMware Releases Security Updates.
The Cybersecurity and Infrastructure Security Agency (CISA) has published the following ICS vulnerability advisories, as well as alerts, updates, and bulletins:
ICS Vulnerability Advisories:
Alerts, Updates, and Bulletins:
On Tuesday, Microsoft’s security researchers published a report detailing a massive phishing-as-a-service campaign known as BulletProofLink. Phishing-as-a-Service offerings, or phishing kits, arm even the most novice threat actors with sophisticated platforms to launch widespread phishing campaigns with little more than a computer and a few hundred dollars. Researchers at Microsoft discovered this operation while investigating a separate phishing operation.
Approximately 100,000 Windows users worldwide have had their credentials leaked due to a flaw in the Microsoft Exchange Autodiscover feature. The Autodiscover feature is used by Microsoft Exchange to automatically configure a user’s email client with their organization’s predefined mail settings. After a user enters their credentials into an email client, the program attempts to authenticate to multiple Exchange Autodiscover URLs. It’s during this process that clear-text credentials could be routed to third-party untrusted websites to be collected.
The Cybersecurity and Infrastructure Security Agency (CISA), the FBI, and the NSA have released a Joint Cybersecurity Advisory (CSA) on the Conti ransomware, noting they have observed the increased use of this malware in attacks. The advisory contains technical details on the malware; it also maps the malware’s techniques to the MITRE ATT&CK framework. Additionally, it discusses mitigation measures to reduce the risk of compromise by the Conti ransomware.
The Cybersecurity and Infrastructure Security Agency (CISA) has published the following ICS vulnerability advisories, as well as alerts, updates, and bulletins:
ICS Vulnerability Advisories:
Alerts, Updates, and Bulletins:
1620 I Street, NW, Suite 500
Washington, DC 20006
1-866-H2O-ISAC (1-866-426-4722)
© 2025 WaterISAC. All Rights Reserved.
