ICS/OT Threat Awareness – Brute Force Tactics Targeting VPNs in the Water Sector: Key Insights From Dragos
This post is provided for awareness with most of the content pulled directly from the reporting source.
Cybersecurity
Cybersecurity Awareness Month 2024 – Secure Our World
October is Cybersecurity Awareness Month, a global effort to help everyone stay safe and protected when using technology whenever and however you connect. Cybersecurity Awareness Month is co-led by the National Cyber Security Alliance and CISA and is designed to engage and educate public and private-sector partners through events and initiatives with the goal of raising awareness about cybersecurity to increase the resiliency of the nation.
CISA ICS Advisories, Additional Alerts, Updates, and Bulletins – October 1, 2024
The Cybersecurity and Infrastructure Security Agency (CISA) has published the following ICS security advisories, along with additional alerts, updates, and bulletins:
ICS Advisories:
New Joint Guide – ASD’s ACSC, CISA, and US and International Partners Release Guidance on Detecting and Mitigating Active Directory Compromises
Today, the Australian Signals Directorate Australian Cyber Security Centre (ASD ACSC), CISA, and other U.S. and international partners released the joint guide “Detecting and Mitigating Active Directory Compromises”. This guide informs organizations of recommended strategies to mitigate common techniques used by malicious actors to compromise Active Directory.
Supplemental Cyber Highlights – September 26, 2024
The following posts are useful for general awareness of current cyber threats, vulnerabilities, guidance, and other cyber-related news or updates. These resources have been curated by the WaterISAC analyst team as items of broad relevance and benefit that do not need supplemental analysis at this time.
Critical Infrastructure Resilience & OT Vulnerability Management
CISA ICS Advisories, Additional Alerts, Updates, and Bulletins – September 26, 2024
The Cybersecurity and Infrastructure Security Agency (CISA) has published the following ICS security advisories, along with additional alerts, updates, and bulletins:
ICS Advisories:
(TLP:CLEAR) WaterISAC – EPA: National Security Information Sharing Bulletin - Q4 2024
WaterISAC and EPA are excited to announce the release of a new joint product series issued quarterly, the National Security Information Sharing Bulletin. The Information Sharing Bulletin (ISB) is intended for water and wastewater utility owners and operators to provide information on priority security and resilience topics, including cybersecurity, physical security, and natural disasters.
Supplemental Cyber Highlights – September 24, 2024
The following posts are useful for general awareness of current cyber threats, vulnerabilities, guidance, and other cyber-related news or updates. These resources have been curated by the WaterISAC analyst team as items of broad relevance and benefit that do not need supplemental analysis at this time.
Critical Infrastructure & Resilience
CISA ICS Advisories, Additional Alerts, Updates, and Bulletins – September 24, 2024
The Cybersecurity and Infrastructure Security Agency (CISA) has published the following ICS security advisories, along with additional alerts, updates, and bulletins:
ICS Advisories:
Ransomware Resilience – MFA Bypass is Seen as the Largest Attack Vector for Ransomware Attacks
As ransomware threat actor tactics continue to advance, it’s important to remember that common cybersecurity “best-practices” are also in flux.
Pages
