I&C Secure Joins WaterISAC’s List of Champions
I&C Secure Joins WaterISAC’s List of Champions
WaterISAC Champions enhance Water and Wastewater Sector security
Cybersecurity
CISA Alert – FBI, CISA, and Partners Release Advisory Highlighting North Korean Cyber Espionage Activity
Today, CISA and partners released a joint Cybersecurity Advisory (CSA), North Korea Cyber Group Conducts Global Espionage Campaign to Advance Regime’s Military and Nuclear Programs. The advisory was crafted to highlight cyber espionage activity associated with the Democratic People’s Republic of Korea (DPRK)’s Reconnaissance General Bureau (RGB) 3rd Bureau based in Pyongyang and Sinuiju.
Insider Threat – KnowBe4 Didn’t ‘Know Before’ Emphasizes how it can Happen to Any Organization
On Tuesday, Florida-based security awareness training company KnowBe4 reported that a North Korean agent, posing as a software engineer, managed to bypass its hiring background checks and spent the initial 25 minutes of employment trying to install malware on a company computer.
Threat Awareness – When Secure Email Gateways Miss Malware
Technology plays an essential role in the security of any organization. While it’s important to utilize, and often rely on, security tools to keep our data and organizations safe, it’s important to remember that these same tools are not foolproof. As of late, threat actors have been observed using various tactics (some new) to bypass Secure Email Gateways (SEGs). As Jennifer Lyn Walker, WaterISAC’s Director of Infrastructure Cyber Defense said, “when technology fails to stop threats, we need to be able to recognize the threats that make it into our inboxes.”
Supplemental Cyber Highlights – July 25, 2024
The following posts are useful for general awareness of current cyber threats, vulnerabilities, guidance, and other cyber-related news or updates. These resources have been curated by the WaterISAC analyst team as items of broad relevance and benefit that do not need supplemental analysis at this time.
CrowdStrike
CISA ICS Advisories, Additional Alerts, Updates, and Bulletins – July 25, 2024
The Cybersecurity and Infrastructure Security Agency (CISA) has published the following ICS security advisories, along with additional alerts, updates, and bulletins:
ICS Advisories:
Supplemental Cyber Highlights – July 23, 2024
The following posts are useful for general awareness of current cyber threats, vulnerabilities, guidance, and other cyber-related news or updates. These resources have been curated by the WaterISAC analyst team as items of broad relevance and benefit that do not need supplemental analysis at this time.
Critical Infrastructure
Insider Threat Awareness - Don’t Let End-User Errors Cost You
A key indicator of an organization's overall cyber health is the daily activities and behaviors of its users. Even with effective policies, training, and security measures, we all have the potential to make mistakes – including some that can be significantly damaging. The World Economic Forum (WEF) emphasizes this concern, revealing that 95% of cybersecurity incidents stem from human error. Consider the following five prevalent cybersecurity mistakes made by well-intentioned employees.
Supplemental Cyber Highlights – July 18, 2024
The following posts are useful for general awareness of current cyber threats, vulnerabilities, guidance, and other cyber-related news or updates. These resources have been curated by the WaterISAC analyst team as items of broad relevance and benefit that do not need supplemental analysis at this time.
IT Vulnerabilities & Security Updates
CISA ICS Advisories, Additional Alerts, Updates, and Bulletins – July 18, 2024
The Cybersecurity and Infrastructure Security Agency (CISA) has published the following ICS security advisories, along with additional alerts, updates, and bulletins:
ICS Advisories:
Pages
