Yesterday U.S. Department of Homeland Security (DHS) Secretary Alejandro Mayorkas announced a variety of steps he plans his department to take to further address cyber threats to the nation. Cybersecurity and Infrastructure Security Agency (CISA) will be responsible for or have a significant role in implementing many of these steps, some of which involve building on existing efforts.
The FBI has published a Private Industry Notification (PIN) to provide awareness regarding Telephony Denial of Service (TDoS) attacks, noting they can affect the availability and readiness of emergency call centers and undermine public trust in these services. The PIN further discusses the impacts these attacks can have on call centers and threat actors’ motives, which can include to advance political or social causes or to extort municipalities for financial gain.
The Cybersecurity and Infrastructure Security Agency (CISA) has published an alert to highlight the cyber threat to cryptocurrency posed by North Korea and provide mitigation recommendations. CISA refers to the malware and other activity by the North Korean government as “AppleJeus.” In a series of seven malware analysis reports (MARs), it provides full technical details of the malware and associated indicators of compromise. Access the alert and MARs at CISA.
The dust (new details/disclosures) seems to be settling on the incident at the Oldsmar, Florida Water Treatment Plant that occurred on February 5, 2021. If you haven’t already, now is a good time to assess that your utility is not as vulnerable to the same basic cybersecurity shortcomings that reportedly contributed to the incident and/or have been identified during the investigation.
The Australian Cyber Security Centre (ACSC) has posted advice on secure usage of social media and social networking or messaging apps, underscoring that both can pose a number of security and privacy risks to organizations and individuals when used in an inappropriate or unsafe manner. It also observes that social networking or messaging apps are a common way for an adversary to gather information on organizations and their employees, projects, and systems.
Law enforcement authorities arrested members of the Egregor ransomware cartel in Ukraine last week, the result of a joint investigation by French and Ukrainian police. The arrested suspects are believed to be some of these "affiliates" (or partners) of the Egregor gang, whose job was to hack into corporate networks and deploy the ransomware. They are also believed to have provided logistical and financial support to help prop up operations.
Federal government partners have just released a TLP:WHITE* Joint Cybersecurity Advisory on the recent compromise of a U.S. water treatment facility. This product provides a summary of the incident informed by personnel who assisted with the onsite response, threat overviews based on what was observed, and series of recommendations organizations are encouraged to consider to protect themselves against similar activity.
Check Point has found that the Emotet trojan as remained in first place in the top malware list for the second month running, impacting 6 percent of organizations globally, despite an international police operation which took control of the botnet in late January (as discussed in the January 28 Security & Resilience Update).
Both the Cybersecurity and Infrastructure Security Agency (CISA) and the FBI have released advisories warning of internet romance scams on the occasion of Valentine’s Day. The FBI’s advisory explains well-rehearsed criminals search dating sites, apps, chat rooms, and other social media networking sites attempting to build “relationships” for the sole purpose of getting your money or your personally identifiable information.
As part of its regular patch Tuesday release, Microsoft has announced an escalation of privileges vulnerability (CVE-2021-1732) in Microsoft Win32k. A local attacker can exploit this vulnerability to take control of an affected system. Microsoft has stated that Windows 10 and Windows Server 2019 are affected by this vulnerability. Microsoft has also reported that this vulnerability has
1620 I Street, NW, Suite 500
Washington, DC 20006
1-866-H2O-ISAC (1-866-426-4722)
© 2025 WaterISAC. All Rights Reserved.
