Cybersecurity

Five Common Employee Offboarding Pitfalls and How to Avoid Them

The Hacker News has written an article discussing five common pitfalls that IT departments face when offboarding employees from the organization and how to avoid them.

Read more about Five Common Employee Offboarding Pitfalls and How to Avoid Them

US-Canada Joint Water Management Commission Targeted by NoEscape Ransomware Gang

The Record has written an article discussing the apparent targeting of the International Joint Commission, a US-Canada organization responsible for managing water systems along the border of the two countries, by the NoEscape Ransomware gang.

Read more about US-Canada Joint Water Management Commission Targeted by NoEscape Ransomware Gang

Supplemental Cyber Highlights – September 12, 2023

The following posts are useful for general awareness of current threats, vulnerabilities, guidance, and other cyber-related news or updates. These resources have been curated by the WaterISAC analyst team as items of broad relevance and benefit that do not need supplemental analysis at this time.

ICS/OT/SCADA Vulnerabilities & Threats

Read more about Supplemental Cyber Highlights – September 12, 2023

CISA ICS Vulnerability Advisories and Alerts, Updates, and Bulletins – September 12, 2023

The Cybersecurity and Infrastructure Security Agency (CISA) has published the following ICS vulnerability advisories, as well as alerts, updates, and bulletins:

ICS Vulnerability Advisories:

CISA Releases Three Industrial Control Systems Advisories

Read more about CISA ICS Vulnerability Advisories and Alerts, Updates, and Bulletins – September 12, 2023

Cyber Resilience – How to Prevent Drones from Enabling Cyber Threats Against Your Network

Security Intelligence has written an article discussing how drones can be used to enable and exacerbate cyberattacks against organizations, including those with otherwise secured facilities, especially with the backdrop of the Ukrainian war’s advancement in drone tactics.

Read more about Cyber Resilience – How to Prevent Drones from Enabling Cyber Threats Against Your Network

Threat Awareness – Phishing Campaign Observed Utilizing Microsoft Teams to Drop DarkGate Loader Malware

Truesec has posted a blog analyzing an observed phishing campaign utilizing Microsoft Teams to drop DarkGate Loader malware on victims’ networks.

Read more about Threat Awareness – Phishing Campaign Observed Utilizing Microsoft Teams to Drop DarkGate Loader Malware

Cyber Resilience – CISA Publishes Fact Sheet on Free Cyber Vulnerability Scanning Services Available to Water and Wastewater Utilities

On Monday, September 11, 2023, the Cybersecurity and Infrastructure Security Agency (CISA) published a fact sheet on its free Cyber Vulnerability Scanning (VS) service for Water and Wastewater utilities. The fact sheet was developed in coordination with the EPA, the Water Sector Coordinating Council (WSCC), and the Association of State Drinking Water Administrators (ASDWA).

Read more about Cyber Resilience – CISA Publishes Fact Sheet on Free Cyber Vulnerability Scanning Services Available to Water and Wastewater Utilities

Insider Threat Awareness – Understanding and Mitigating the Risk of Insider Threats

Every organization is vulnerable to insider threats. As more organizations migrate their business operations to digital platforms the risk of a compromise due to an insider threat will continue to grow. Research for the latest Data Breach Investigations Report from Verizon found that 74% of data breaches involved a human element, highlighting the enduring risk both malicious and unintentional insider threats pose.

Read more about Insider Threat Awareness – Understanding and Mitigating the Risk of Insider Threats

CISA ICS Vulnerability Advisories and Alerts, Updates, and Bulletins – September 7, 2023

The Cybersecurity and Infrastructure Security Agency (CISA) has published the following ICS vulnerability advisories, as well as alerts, updates, and bulletins:

ICS Vulnerability Advisories:

CISA Releases Four Industrial Control Systems Advisories

Read more about CISA ICS Vulnerability Advisories and Alerts, Updates, and Bulletins – September 7, 2023

CISA Releases Update to Threat Actors Exploiting Citrix CVE-2023-3519 to Implant Webshells

The Cybersecurity and Infrastructure Security Agency (CISA) has released an update to a previously published Cybersecurity Advisory (CSA), Threat Actors Exploiting Citrix CVE-2023-3519 to Implant Webshells. The updated CSA contains victim information gathered in August 2023.

Read more about CISA Releases Update to Threat Actors Exploiting Citrix CVE-2023-3519 to Implant Webshells

You are here

Cybersecurity

Five Common Employee Offboarding Pitfalls and How to Avoid Them

US-Canada Joint Water Management Commission Targeted by NoEscape Ransomware Gang

Supplemental Cyber Highlights – September 12, 2023

CISA ICS Vulnerability Advisories and Alerts, Updates, and Bulletins – September 12, 2023

Cyber Resilience – How to Prevent Drones from Enabling Cyber Threats Against Your Network

Threat Awareness – Phishing Campaign Observed Utilizing Microsoft Teams to Drop DarkGate Loader Malware

Cyber Resilience – CISA Publishes Fact Sheet on Free Cyber Vulnerability Scanning Services Available to Water and Wastewater Utilities

Insider Threat Awareness – Understanding and Mitigating the Risk of Insider Threats

CISA ICS Vulnerability Advisories and Alerts, Updates, and Bulletins – September 7, 2023

CISA Releases Update to Threat Actors Exploiting Citrix CVE-2023-3519 to Implant Webshells

Pages

You are here

Cybersecurity

Pages

Footer Email Signup