The Cybersecurity and Infrastructure Security Agency (CISA) has published the following ICS security advisories, along with additional alerts, updates, and bulletins:
ICS Advisories:
Today, the Australian Signals Directorate Australian Cyber Security Centre (ASD ACSC), CISA, and other U.S. and international partners released the joint guide “Detecting and Mitigating Active Directory Compromises”. This guide informs organizations of recommended strategies to mitigate common techniques used by malicious actors to compromise Active Directory.
The following posts are useful for general awareness of current cyber threats, vulnerabilities, guidance, and other cyber-related news or updates. These resources have been curated by the WaterISAC analyst team as items of broad relevance and benefit that do not need supplemental analysis at this time.
Critical Infrastructure Resilience & OT Vulnerability Management
The Cybersecurity and Infrastructure Security Agency (CISA) has published the following ICS security advisories, along with additional alerts, updates, and bulletins:
ICS Advisories:
WaterISAC and EPA are excited to announce the release of a new joint product series issued quarterly, the National Security Information Sharing Bulletin. The Information Sharing Bulletin (ISB) is intended for water and wastewater utility owners and operators to provide information on priority security and resilience topics, including cybersecurity, physical security, and natural disasters.
The following posts are useful for general awareness of current cyber threats, vulnerabilities, guidance, and other cyber-related news or updates. These resources have been curated by the WaterISAC analyst team as items of broad relevance and benefit that do not need supplemental analysis at this time.
Critical Infrastructure & Resilience
The Cybersecurity and Infrastructure Security Agency (CISA) has published the following ICS security advisories, along with additional alerts, updates, and bulletins:
ICS Advisories:
As ransomware threat actor tactics continue to advance, it’s important to remember that common cybersecurity “best-practices” are also in flux.
On Sunday, a cyber attack on a water utility in Arkansas City, Kansas prompted its treatment facility to revert to manual operations. The city manager, Randy Frazer, confirmed that the water supply remains unaffected and safe, with no disruption to service reported. The plant's manual operation is a precautionary measure to enhance security while the situation is being addressed. Arkansas City has notified relevant authorities and is collaborating with cybersecurity experts to manage the incident, which is believed to be a ransomware attack.
The following posts are useful for general awareness of current cyber threats, vulnerabilities, guidance, and other cyber-related news or updates. These resources have been curated by the WaterISAC analyst team as items of broad relevance and benefit that do not need supplemental analysis at this time.
Critical Infrastructure Resilience
1620 I Street, NW, Suite 500
Washington, DC 20006
1-866-H2O-ISAC (1-866-426-4722)
© 2025 WaterISAC. All Rights Reserved.
