The Cyber Threat Intelligence (CTI) team at the Multi-State Information Sharing and Analysis Center (MS-ISAC) worked with CISA, along with other federal partners, to release an updated #StopRansomware Guide, which was published earlier this summer.
This recent post by Brian Krebs is an interesting read for everyone, but security analysts, sysadmins, and other network defenders particularly should find this perspective interesting. This article suggests that a great many initial intrusions that lead to data theft could be nipped in the bud if more organizations started looking for the telltale signs of newly-arrived cybercriminals behaving like network tourists and how doing so can mean the difference between catching a compromise in week-1 (before the attackers dig in) and learning about the attack on CNN.
The following posts are useful for general awareness of current threats, vulnerabilities, guidance, and other cyber-related news or updates. These resources have been curated by the WaterISAC analyst team as items of broad relevance and benefit that do not need supplemental analysis at this time.
Critical Infrastructure (Vulnerabilities & Threats to ICS/OT/SCADA)
The Cybersecurity and Infrastructure Security Agency (CISA) has published the following ICS vulnerability advisories, as well as alerts, updates, and bulletins:
ICS Vulnerability Advisories:
CISA Releases Six Industrial Control Systems Advisories
Products are used across multiple sectors, please check these latest advisories for specific equipment used across your ICS environments and address accordingly.
Action strongly suggested: Utilities which use and have not already isolated or replaced impacted Barracuda Email Security Gateway (ESG) appliances are encouraged to address immediately.
The FBI published a TLP:CLEAR FLASH (AC-000172-TT) emphasizing the Barracuda warning from early June to immediately replace impacted appliances.
The Cybersecurity and Infrastructure Security Agency (CISA) has published the following ICS vulnerability advisories, as well as alerts, updates, and bulletins:
ICS Vulnerability Advisories:
Cloudflare has releases its inaugural Phishing Threats Report for 2023, with a key takeaway that over 30% of phishing attacks rely on newly registered domains, making them more difficult for network defenders to detect.
Bleeping Computer has written an article discussing a recently discovered campaign utilizing Google ads to deliver technical support scams to victims, highlighting the continuing threat of malvertising.
The following posts are useful for general awareness of current threats, vulnerabilities, guidance, and other cyber-related news or updates. These resources have been curated by the WaterISAC analyst team as items of broad relevance and benefit that do not need supplemental analysis at this time.
Critical Infrastructure
What’s Black and White and Read all Over? Many years before computers, “newspaper” was the usual punchline to this riddle, but in today’s culture the QR code is more representative. QR codes have been in use for many years – a Japanese automotive company actually patented them in 1994 – but the usage became much more widespread during the COVID-19 pandemic. QR codes have benefits, but like anything electronically/digitally useful, scammers eventually leverage them with nefarious intent.
1620 I Street, NW, Suite 500
Washington, DC 20006
1-866-H2O-ISAC (1-866-426-4722)
© 2025 WaterISAC. All Rights Reserved.
