Cybersecurity

Passthrough: Threat Actors Exploit Multiple Vulnerabilities in Ivanti Connect Secure and Policy Secure Gateways

CISA released a joint Cybersecurity Advisory (CSA) today in coordination with the FBI, MS-ISAC, and multiple international partners to emphasize that cyber threat actors continue exploiting previously identified vulnerabilities in Ivanti Connect Secure and Ivanti Policy Secure gateways. The advisory was developed with the cooperation of Volexity, Ivanti, Mandiant, and other industry partners.

Read more about Passthrough: Threat Actors Exploit Multiple Vulnerabilities in Ivanti Connect Secure and Policy Secure Gateways

Passthrough: CISA, FBI, and MS-ISAC Release Advisory on Phobos Ransomware

Today, CISA, the FBI, and MS-ISAC released a joint Cybersecurity Advisory (CSA), #StopRansomware: Phobos Ransomware, to disseminate known tactics, techniques, and procedures (TTPs) and indicators of compromise (IOCs), which are from incident response investigations tied to Phobos ransomware activity from as recently as February, 2024.

Read more about Passthrough: CISA, FBI, and MS-ISAC Release Advisory on Phobos Ransomware

Vulnerability Awareness – Exploitation Broadens in ConnectWise ScreenConnect Flaws

Two recently resolved vulnerabilities in ConnectWise ScreenConnect, tracked as CVE-2024-1709 and CVE-2024-1708 (CVSS scores of 10 and 8.4, respectively) are being exploited by more and more threat actors. This greater interest among varied threat actors is broadening the threat and escalating urgency of remediation. Affected versions include ScreenConnect 23.9.7 and earlier versions.

Read more about Vulnerability Awareness – Exploitation Broadens in ConnectWise ScreenConnect Flaws

Report To the President – Strategy for Cyber-Physical Resilience: Fortifying Our Critical Infrastructure for a Digital World

The President’s Council of Advisors on Science and Technology (PCAST) released a report on fortifying the nation’s cyber-physical systems (attached). These systems are the integrated digital and infrastructural resources that are crucial to Americans’ daily lives, including the electrical grid, public water systems, internet and telecommunications, banking systems, air traffic control, and much more.

Read more about Report To the President – Strategy for Cyber-Physical Resilience: Fortifying Our Critical Infrastructure for a Digital World

Passthrough: FBI Cyber Global Cyber Experts in Your Local Community

FBI Cyber put together new info graphics on FBI Cyber Threat Response and Fact vs Fiction. They include helpful information to help organizations and users understand the proper supportive role that the FBI employs when assisting during an intrusion and helps to discard common misconceptions surrounding what FBI Cyber actually does. They also provide useful pre-intrusion and post-intrusion tips for properly reporting and responding to cyber intrusions including how to contact FBI Cyber.

Read more about Passthrough: FBI Cyber Global Cyber Experts in Your Local Community

(Update February 29, 2024) Joint Cybersecurity Advisory – #StopRansomware: ALPHV Blackcat

CISA, the FBI, and the Department of Health and Human Services (HHS) released an update to the joint advisory #StopRansomware: ALPHV Blackcat to provide new indicators of compromise (IOCs) and tactics, techniques, and procedures (TTPs) associated with the ALPHV Blackcat ransomware as a service (RaaS). ALPHV Blackcat affiliates have been observed primarily targeting the healthcare sector.

Read more about (Update February 29, 2024) Joint Cybersecurity Advisory – #StopRansomware: ALPHV Blackcat

Passthrough: Russian Cyber Actors Use Compromised Routers to Facilitate Cyber Operations

The FBI, NSA, U.S. Cyber Command, and international partners are releasing this joint Cybersecurity Advisory (CSA) to warn of Russian state-sponsored cyber actors’ use of compromised Ubiquiti EdgeRouters (EdgeRouters) to facilitate malicious cyber operations worldwide.

Read more about Passthrough: Russian Cyber Actors Use Compromised Routers to Facilitate Cyber Operations

Supplemental Cyber Highlights – February 27, 2024

The following posts are useful for general awareness of current cyber threats, vulnerabilities, guidance, and other cyber-related news or updates. These resources have been curated by the WaterISAC analyst team as items of broad relevance and benefit that do not need supplemental analysis at this time.

Critical Infrastructure

Read more about Supplemental Cyber Highlights – February 27, 2024

Ransomware Awareness – LockBit: Down, but not Out

Following the international takedown operation of the LockBit ransomware group last week – which disrupted LockBit’s criminal network infrastructure and arrested two of its members – the ransomware group’s leader, known as LockBitSupp, has issued a lengthy message on a new dark web site with additional threats and promises of return.

Read more about Ransomware Awareness – LockBit: Down, but not Out

Passthrough: CISA, NCSC-UK, and Partners Release Advisory on Russian SVR Actors Targeting Cloud Infrastructure

CISA and other U.S. and international partners including the U.K. National Cyber Security Centre (NCSC), released a joint advisory yesterday - SVR Cyber Actors Adapt Tactics for Initial Cloud Access.

Read more about Passthrough: CISA, NCSC-UK, and Partners Release Advisory on Russian SVR Actors Targeting Cloud Infrastructure

You are here

Cybersecurity

Passthrough: Threat Actors Exploit Multiple Vulnerabilities in Ivanti Connect Secure and Policy Secure Gateways

Passthrough: CISA, FBI, and MS-ISAC Release Advisory on Phobos Ransomware

Vulnerability Awareness – Exploitation Broadens in ConnectWise ScreenConnect Flaws

Report To the President – Strategy for Cyber-Physical Resilience: Fortifying Our Critical Infrastructure for a Digital World

Passthrough: FBI Cyber Global Cyber Experts in Your Local Community

(Update February 29, 2024) Joint Cybersecurity Advisory – #StopRansomware: ALPHV Blackcat

Passthrough: Russian Cyber Actors Use Compromised Routers to Facilitate Cyber Operations

Supplemental Cyber Highlights – February 27, 2024

Ransomware Awareness – LockBit: Down, but not Out

Passthrough: CISA, NCSC-UK, and Partners Release Advisory on Russian SVR Actors Targeting Cloud Infrastructure

Pages

You are here

Cybersecurity

Pages

Footer Email Signup