Cybersecurity

FBI PSA – Cyber Criminals Impersonating Brands Using Search Engine Advertisement Services to Defraud Users

The FBI has published a Public Service Announcement (PSA) warning the public that cyber criminal threat actors are actively exploiting search engine advertisement services to impersonate brands and direct users to malicious sites that host ransomware and steal login credentials and other financial information.

Vulnerability Awareness – Please Review – Previously Patched Microsoft Windows Vulnerability Discovered to have EternalBlue-like Capabilities

Review suggested: Given Microsoft is a widely used platform, please review the following and address accordingly. With respect to the holidays, please do not defer reviewing these latest threats.

CVE-2022-37958 is a remote code execution (RCE) vulnerability in the SPNEGO NEGOEX protocol of Windows operating systems, which supports authentication in applications.

Cyber Resilience – Maintain Holiday Cheer by Reviewing a Few Reminders

As much of the world looks forward to the upcoming holidays, it is a good time for a reminder that cyber threat actors are no respecters of festivities. Observances and traditions notwithstanding, the holidays are an especially risk-filled time of year as cyber threat actors take advantage of employees on leave, burnout, deadlines, and other distractions. A few incidents that have occurred over a holiday during recent years include events such as SolarWinds, Log4j, Colonial Pipeline, and Kaseya.

Cyber Incident – Colombian Public Energy, Water, and Gas Provider Taken Down by Ransomware

BleepingComputer has written an article covering a ransomware attack on Empresas Públicas de Medellín (EPM), a Colombian energy, water, and gas utility. According to reports, employees were told to work from home and public-facing websites, including payment portals, were unavailable after EPM was targeted by BlackCat ransomware. While the company has not released many details, independent security researchers have found an unsecured server utilized by the threat actor behind the attack where it appears data on over 40 EPM machines was uploaded before being encrypted.

Security Awareness – Executives Are Four Times More Likely to Fall for Phishing Attacks Compared to Regular Employees

Top-level executives are more likely to expose their organization to potential cyber attacks compared to regular workers, and they are also more likely to use easy-to-guess passwords, according to a new study by the cybersecurity company Ivanti.

NSA, CISA, and ODNI Release Guidance on Potential Threats to 5G Network Slicing

On Tuesday, the Cybersecurity and Infrastructure Security Agency (CISA), the National Security Agency (NSA), and the Office of the Director of National Intelligence (ODNI) published an assessment of 5G network slicing. The paper, Potential Threats to 5G Network Slicing, presents both the benefits and risks associated with 5G network slicing and provides mitigation strategies that address potential threats to it.
