Yesterday, SonicWall issued an urgent security notice regarding a critical risk to Secure Mobile Access (SMA) 100 series and Secure Remote Access (SRA) products running unpatched and end-of-life (EOL) 8.x firmware. Specifically, stolen credentials targeting the products are being used in a ransomware campaign.
Update July 15, 2021
CISA has created a webpage for relevant resources regarding the Kaseya ransomware incident. Kaseya Ransomware Attack: Guidance for Affected MSPs and their Customers can be accessed at CISA.
Kaseya VSA SaaS Infrastructure has been Updated – Updated July 12, 2021
Today Jen Easterly was sworn in as director of the Cybersecurity and Infrastructure Security Agency (CISA), following the Senate’s unanimous approval of her in a confirmation vote yesterday. She takes over leading the agency from CISA Executive Director Brandon Wales, who has served as acting director since November.
Microsoft identified a new zero-day vulnerability (tracked as CVE-2021-35211) impacting SolarWinds Serv-U Managed File Transfer and Serv-U Secure FTP products – this vulnerability is not related to SUNBURST. The Serv-U vulnerability enables remote code execution (RCE) with privileges following successful exploitation.
The U.S. Department of Homeland Security Cybersecurity and Information Security Agency (CISA) released its Analysis of FY20 Risk and Vulnerability Assessments along with an infographic mapping from 37 of its Risk and Vulnerability Assessments (RVAs) conducted in Fiscal Year 2020 to the MITRE ATT&CK® Framework. The report identifies routinely successful attack paths CISA observed during RVAs conducted across multiple sectors.
Based on its extensive visibility into OT environments, TrendMicro recently released a report highlighting the threats to ICS endpoints. The 2020 Report: ICS Endpoints as Starting Points for Threats shares the status of global industrial systems in terms of security against both known and new threats that hound ICS endpoints. TrendMicro looked at the data from ICS endpoints that are part of the IT/OT network, specifically industrial automation suites and Engineering Workstations.
The Cybersecurity and Infrastructure Security Agency (CISA) has announced the addition of a new module to its Cyber Security Evaluation Tool (CSET) intended to help organizations address the threat of ransomware. Like the overall CSET, the new module - the Ransomware Readiness Assessment (RRA) – is a self-assessment for organizations to determine their cybersecurity practices on their networks, in this case how well equipped they are to defend and recover from a ransomware incident.
While the threat landscape is varied, the current ransomware scourge dominates the headlines and attack disclosures. From major gas and oil pipelines, food/meat processors, hospitals, schools, and countless city and municipal government entities – to include more than a few water and wastewater sector utilities – ransomware not only elevates the very real and present danger of cyber threats, but has been deemed a national security threat.
Today the U.K.’s National Cyber Security Centre (NCSC) announced it had migrated all of its device-related content to a new format intended to make it easier to configure the security of this equipment. As the NCSC notes, the format is intended to avoid confusion about the kinds of devices being referred to, clarifying that it’s a “one stop shop for device security.” The NCSC adds that some of the specialized content in the guidance includes information on purchasing devices and using obsolete products, adding that it’s working on more specialized content for the overarching guidance.
1620 I Street, NW, Suite 500
Washington, DC 20006
1-866-H2O-ISAC (1-866-426-4722)
© 2025 WaterISAC. All Rights Reserved.
