With ransomware attacks evolving to include additional fallout such as data breaches, even organizations that seemed well-prepared can fall victim, as described in an ArsTechnica post about the Credit Union National Association (CUNA).
February 11, 2020
CISA has updated this advisory with additional information on the affected products and mitigating measures. Read the advisory at CISA.
December 12, 2019
Today is Safer Internet Day, a worldwide event aimed at promoting the safe and positive use of digital technology for all users. This year’s theme is “Together for a better internet,” which encourages everyone to play a part in creating a safer, more secure internet. While much of the focus of this year’s theme is on children and caregivers, its promoters make clear that is intended for everyone, including for people in industry and decision makers.
The Australian Cyber Security Centre (ACSC) has published an advisory noting that it is aware of recent ransomware incidents involving a ransomware tool known as “Mailto” or “Kazakavkovkiz.” The ACSC has limited information regarding the initial intrusion vector for Mailto, but evidence suggests that phishing and password spray attacks have been used to compromise user accounts. The ACSC advisory provides recommendations for users to detect and mitigate these types of attacks and assist with limiting their spread within networks.
Email security firm Agari posted an article reminding us how the attack surface from the scourge known as business email compromise (BEC) is larger than we may think. Agari points out the need to protect against the compromised supply chain, in what is referred to as vendor email compromise (VEC). With the majority of phishing emails we receive impersonating trusted suppliers, it is imperative that organizations are intentional about securing their supply chain.
There is no doubt that complex industrial control systems need to be secured, but what is holding us back from achieving even a minimum level of security? ICS cybersecurity firm Dragos explores five misconceptions that might be inhibiting your organization from reducing risk to your ICS environments:
In testimony before the U.S. House Judiciary Committee yesterday, FBI Director Christopher Wray identified the most persistent terrorism threats to the U.S. as homegrown violent extremists (HVEs), domestic extremists, and foreign terrorist organizations (FTOs). Drawing a link between two of the groups, he explained how FTOs have made extensive use of the Internet and social media to disseminate propaganda and training materials to attract and influence individuals in the U.S., giving rise to HVEs.
The CERT Coordination Center (CERT/CC) has released information on a vulnerability affecting OpenSMTPD. An attacker could exploit this vulnerability to take control of an affected system. OpenSMTPD is an open-source server-side implementation of the Simple Mail Transfer Protocol (SMTP) that is part of the OpenBSD Project. CISA encourages users and administrators to review CERT/CC’s Vulnerability Note VU#390745 and apply the necessary updates.
Until mid-2019, previous ICS-impacting ransomware had been limited to only IT-based mechanisms that enabled the propagation into control system environments. ICS cybersecurity firm Dragos assesses the newly disclosed EKANS ransomware (also reported as SNAKE) is not the first sample with direct ICS-impacting implications.
The Internal Revenue Service (IRS) has launched its “Identity Theft Central” webpage to provide 24/7 access to online information regarding tax-related identity theft and data security protection. Tax-related identity theft occurs when someone steals personal information to commit tax fraud.
1620 I Street, NW, Suite 500
Washington, DC 20006
1-866-H2O-ISAC (1-866-426-4722)
© 2025 WaterISAC. All Rights Reserved.
