Attention: Environments that support printing through all supported (and Extended Security Update) versions of Windows OS are encouraged to regularly track and address updates to this vulnerability.
Update July 19, 2021
CISA launched a StopRansomware initiative to bring greater awareness to this global cyber threat epidemic. The newly refreshed page has been rebranded and reorganized, and offers consolidated ransomware resources from all federal government agencies. While CISA did register a separate domain (stopransomware.gov) – presumably so they control it and so it’s not taken over by miscreants – the new domain redirects to a cisa.gov root domain (at least for the moment).
Yesterday, SonicWall issued an urgent security notice regarding a critical risk to Secure Mobile Access (SMA) 100 series and Secure Remote Access (SRA) products running unpatched and end-of-life (EOL) 8.x firmware. Specifically, stolen credentials targeting the products are being used in a ransomware campaign.
Update July 15, 2021
CISA has created a webpage for relevant resources regarding the Kaseya ransomware incident. Kaseya Ransomware Attack: Guidance for Affected MSPs and their Customers can be accessed at CISA.
Kaseya VSA SaaS Infrastructure has been Updated – Updated July 12, 2021
Today Jen Easterly was sworn in as director of the Cybersecurity and Infrastructure Security Agency (CISA), following the Senate’s unanimous approval of her in a confirmation vote yesterday. She takes over leading the agency from CISA Executive Director Brandon Wales, who has served as acting director since November.
Microsoft identified a new zero-day vulnerability (tracked as CVE-2021-35211) impacting SolarWinds Serv-U Managed File Transfer and Serv-U Secure FTP products – this vulnerability is not related to SUNBURST. The Serv-U vulnerability enables remote code execution (RCE) with privileges following successful exploitation.
The U.S. Department of Homeland Security Cybersecurity and Information Security Agency (CISA) released its Analysis of FY20 Risk and Vulnerability Assessments along with an infographic mapping from 37 of its Risk and Vulnerability Assessments (RVAs) conducted in Fiscal Year 2020 to the MITRE ATT&CK® Framework. The report identifies routinely successful attack paths CISA observed during RVAs conducted across multiple sectors.
Based on its extensive visibility into OT environments, TrendMicro recently released a report highlighting the threats to ICS endpoints. The 2020 Report: ICS Endpoints as Starting Points for Threats shares the status of global industrial systems in terms of security against both known and new threats that hound ICS endpoints. TrendMicro looked at the data from ICS endpoints that are part of the IT/OT network, specifically industrial automation suites and Engineering Workstations.
The Cybersecurity and Infrastructure Security Agency (CISA) has announced the addition of a new module to its Cyber Security Evaluation Tool (CSET) intended to help organizations address the threat of ransomware. Like the overall CSET, the new module - the Ransomware Readiness Assessment (RRA) – is a self-assessment for organizations to determine their cybersecurity practices on their networks, in this case how well equipped they are to defend and recover from a ransomware incident.
1620 I Street, NW, Suite 500
Washington, DC 20006
1-866-H2O-ISAC (1-866-426-4722)
© 2025 WaterISAC. All Rights Reserved.
