Vulnerability Notification – Fortinet FortiManager Zero-Day Exploitation, CVE-2024-47575 (Updated – October 31, 2024)
October 31, 2024
Cybersecurity
Critical Infrastructure and Resilience Month – Resolve to be Resilient this November
November is Critical Infrastructure Security and Resilience Month, a time when the entire nation is encouraged to take steps to reinforce these systems and be vigilant to threats that undermine collective security and economic prosperity.
EPA Factsheet – Cyber Insurance for Drinking Water and Wastewater Systems
The EPA Water Infrastructure & Cyber Resilience Division (WICRD) recently produced a factsheet entitled “Cyber Insurance for Drinking Water and Wastewater Systems.” The factsheet provides water systems with a simplified guide to assist in the selection of cyber insurance to protect them against computer-related crimes and losses.
Supplemental Cyber Highlights – October 31, 2024
The following posts are useful for general awareness of current cyber threats, vulnerabilities, guidance, and other cyber-related news or updates. These resources have been curated by the WaterISAC analyst team as items of broad relevance and benefit that do not need supplemental analysis at this time.
Critical Infrastructure Resilience
CISA ICS Advisories, Additional Alerts, Updates, and Bulletins – October 31, 2024
The Cybersecurity and Infrastructure Security Agency (CISA) has published the following ICS security advisories, along with additional alerts, updates, and bulletins:
ICS Advisories:
Supplemental Cyber Highlights – October 29, 2024
The following posts are useful for general awareness of current cyber threats, vulnerabilities, guidance, and other cyber-related news or updates. These resources have been curated by the WaterISAC analyst team as items of broad relevance and benefit that do not need supplemental analysis at this time.
Critical Infrastructure Resilience
Joint Statement by FBI and CISA on PRC Activity Targeting Telecommunications
CISA and the FBI recently released a public announcement concerning breaches on U.S. telecommunication service providers by Chinese cyber threat actors. The announcement reads:
The U.S. Government is investigating the unauthorized access to commercial telecommunications infrastructure by actors affiliated with the People’s Republic of China.
Cybersecurity Awareness Month – 2024 Recap
As Cybersecurity Awareness Month 2024 comes to a close, here’s a brief recap of all that was shared this month. Hopefully, you put the handouts to good use by sharing them with staff and placing them in easy to see locations for anyone and everyone to read. If not, no worries – they are included below and are applicable during any month, not only Cybersecurity Awareness Month!
Using strong passwords and a password manager
CISA ICS Advisories, Additional Alerts, Updates, and Bulletins – October 29, 2024
The Cybersecurity and Infrastructure Security Agency (CISA) has published the following ICS security advisories, along with additional alerts, updates, and bulletins:
ICS Advisories:
Supplemental Cyber Highlights – October 24, 2024
The following posts are useful for general awareness of current cyber threats, vulnerabilities, guidance, and other cyber-related news or updates. These resources have been curated by the WaterISAC analyst team as items of broad relevance and benefit that do not need supplemental analysis at this time.
Critical Infrastructure
Pages
