Cybersecurity

(TLP:CLEAR) CISA and USCG Identify Areas for Cyber Hygiene Improvement

Summary: CISA led a proactive threat hunt engagement at a U.S. critical infrastructure organization with the support of U.S. Coast Guard (USCG) analysts. This advisory highlights areas of potential cyber hygiene improvement for other critical infrastructure organizations. During the engagement, CISA did not identify evidence of malicious cyber activity or threat actor presence on the organization’s network but did identify several areas of cybersecurity risk.

Read more about (TLP:CLEAR) CISA and USCG Identify Areas for Cyber Hygiene Improvement

(TLP:CLEAR) Mass Exploitation of SonicWall Firewalls, Suspected Zero-Day

Summary: ACTION MAY BE REQUIRED for utilities using Gen 7 SonicWall firewalls with SSL VPN enabled. On Monday, SonicWall published a blog post confirming an active campaign targeting an unknown vulnerability in SonicWall Gen 7 firewalls. The blog post came after warnings from Arctic Wolf, Google, and Huntress, who have all indicated that there has been an increase in cyber incidents involving the Gen 7 SonicWall firewalls that use the secure sockets layer (SSL) protocol.

Read more about (TLP:CLEAR) Mass Exploitation of SonicWall Firewalls, Suspected Zero-Day

(TLP:CLEAR) EPA Report - Securing the Future of Water: Addressing Cyber Threats Today

Summary: Yesterday, alongside an announcement of more than $9 million in grant funding for midsize and large water systems, the EPA published a report titled “Securing the Future of Water: Addressing Cyber Threats Today.” The report includes recommendations calling for a holistic approach to strengthen cybersecurity in the water sector by enhancing coordination and collaboration across government, associations, and wa

Read more about (TLP:CLEAR) EPA Report - Securing the Future of Water: Addressing Cyber Threats Today

(TLP:CLEAR) Supplemental Cyber Highlights – August 6, 2025

The following posts are useful for general awareness of current cyber threats, vulnerabilities, guidance, and other cyber-related news or updates. These resources have been curated by the WaterISAC analyst team as items of broad relevance and benefit that do not need supplemental analysis at this time.

Critical Infrastructure Resilience

Read more about (TLP:CLEAR) Supplemental Cyber Highlights – August 6, 2025

(TLP:CLEAR) CISA ICS Advisories, Additional Alerts, Updates, and Bulletins – August 6, 2025

The Cybersecurity and Infrastructure Security Agency (CISA) has published the following ICS security advisories, along with additional alerts, updates, and bulletins:

ICS Advisories:

Read more about (TLP:CLEAR) CISA ICS Advisories, Additional Alerts, Updates, and Bulletins – August 6, 2025

(TLP:CLEAR) CISA Releases Part One of Zero Trust Microsegmentation Guidance

Summary: On Tuesday, CISA released a new guide titled “Microsegmentation in Zero Trust, Part One: Introduction and Planning.” The guide is part of an ongoing effort to support Federal Civilian Executive Branch (FCEB) agencies implementing zero trust architectures (ZTAs). CISA plans to release a subsequent technical guide to offer detailed implementation scenarios and technical considerations for implementation teams.

Read more about (TLP:CLEAR) CISA Releases Part One of Zero Trust Microsegmentation Guidance

(TLP:CLEAR) Updated Joint Cybersecurity Advisory – Scattered Spider

Summary: On Tuesday, CISA, the FBI, and several other federal and international partners released an updated joint Cybersecurity Advisory (CSA) on Scattered Spider—a cyber threat group targeting commercial facilities sectors and subsectors. The update to this advisory provides updated tactics, techniques, and procedures (TTPs) obtained through FBI investigations conducted through June 2025.

Read more about (TLP:CLEAR) Updated Joint Cybersecurity Advisory – Scattered Spider

(TLP:CLEAR) CISA Releases Free Eviction Strategies Tool to Complement Incident Response

Summary: Yesterday, CISA released an Eviction Strategies Tool, a no-cost resource designed to support cyber defenders in their effort to respond to cyber incidents.

The Eviction Strategies Tool is comprised of:

Read more about (TLP:CLEAR) CISA Releases Free Eviction Strategies Tool to Complement Incident Response

(TLP:CLEAR) Supplemental Cyber Highlights – July 31, 2025

Critical Infrastructure Resilience

Read more about (TLP:CLEAR) Supplemental Cyber Highlights – July 31, 2025

(TLP:CLEAR) CISA ICS Advisories, Additional Alerts, Updates, and Bulletins – July 31, 2025

ICS Advisories:

On July 31, 2025, CISA Released Two Industrial Control Systems Advisories for products used across multiple sectors, please check these latest advisories for specific equipment used across your ICS/SCADA environments and address accordingly:

Read more about (TLP:CLEAR) CISA ICS Advisories, Additional Alerts, Updates, and Bulletins – July 31, 2025

You are here

Cybersecurity

(TLP:CLEAR) CISA and USCG Identify Areas for Cyber Hygiene Improvement

(TLP:CLEAR) Mass Exploitation of SonicWall Firewalls, Suspected Zero-Day

(TLP:CLEAR) EPA Report - Securing the Future of Water: Addressing Cyber Threats Today

(TLP:CLEAR) Supplemental Cyber Highlights – August 6, 2025

(TLP:CLEAR) CISA ICS Advisories, Additional Alerts, Updates, and Bulletins – August 6, 2025

(TLP:CLEAR) CISA Releases Part One of Zero Trust Microsegmentation Guidance

(TLP:CLEAR) Updated Joint Cybersecurity Advisory – Scattered Spider

(TLP:CLEAR) CISA Releases Free Eviction Strategies Tool to Complement Incident Response

(TLP:CLEAR) Supplemental Cyber Highlights – July 31, 2025

(TLP:CLEAR) CISA ICS Advisories, Additional Alerts, Updates, and Bulletins – July 31, 2025

Pages

You are here

Cybersecurity

Pages

Footer Email Signup