The following posts are useful for general awareness of current cyber threats, vulnerabilities, guidance, and other cyber-related news or updates. These resources have been curated by the WaterISAC analyst team as items of broad relevance and benefit that do not need supplemental analysis at this time.
Critical Infrastructure Resilience
The Cybersecurity and Infrastructure Security Agency (CISA) has published the following ICS security advisories, along with additional alerts, updates, and bulletins:
ICS Advisories:
WaterISAC and EPA just published the latest quarterly edition of the National Security Information Sharing Bulletin. The Information Sharing Bulletin (ISB) is intended for water and wastewater utility owners and operators to provide information on priority security and resilience topics, including cybersecurity, physical security, and natural disasters.
Starting the week of January 27, 2025, WaterISAC is adopting the Traffic Light Protocol (TLP) information sharing guidelines for all its written products and webinars. The use of TLP aligns WaterISAC with the widely adopted international guidelines for sharing information and facilitating more frequent and effective collaboration. Several federal agencies, such as CISA and Office of the National Cyber Director (ONCD) use the TLP.
During the House Committee Hearing held yesterday, four witnesses addressed the escalating threats posed by nation-state actors, particularly from the People’s Republic of China (PRC). They highlighted the increased sophistication and operational capabilities of these threat actors and noted a rise in cyber intrusions targeting U.S. critical infrastructure. Witnesses also cited recent incidents at water utilities.
Cybersecurity firm Tenable recently released an analysis of People’s Republic of China’s (PRC)-affiliated threat actor Salt Typhoon and examines the vulnerabilities and tactics employed by the group. Salt Typhoon has infiltrated at least nine U.S.-based telecommunications companies and has utilized various tactics, primarily exploiting vulnerabilities, to gain access.
Yesterday, CISA and the FBI released a joint advisory that included technical details of at least two exploit chains used by threat actors to break into Ivanti Cloud Service Appliances (CSA). The advisory comes in response to active exploitation in Ivanti CSA of the following vulnerabilities:
The following posts are useful for general awareness of current cyber threats, vulnerabilities, guidance, and other cyber-related news or updates. These resources have been curated by the WaterISAC analyst team as items of broad relevance and benefit that do not need supplemental analysis at this time.
Critical Infrastructure Resilience
The Cybersecurity and Infrastructure Security Agency (CISA) has published the following ICS security advisories, along with additional alerts, updates, and bulletins:
ICS Advisories:
The following posts are useful for general awareness of current cyber threats, vulnerabilities, guidance, and other cyber-related news or updates. These resources have been curated by the WaterISAC analyst team as items of broad relevance and benefit that do not need supplemental analysis at this time.
Critical Infrastructure Resilience
1620 I Street, NW, Suite 500
Washington, DC 20006
1-866-H2O-ISAC (1-866-426-4722)
© 2025 WaterISAC. All Rights Reserved.
