On par with the annual Verizon Data Breach Investigation Report, is the FBI’s IC3 Internet Crime Report for fan favorite and most frequently referenced. So, without further ado, the 2020 Internet Crime Report has been released.
The Cybersecurity and Infrastructure Security Agency (CISA) and the FBI have released a Joint Cybersecurity Advisory (CSA) on TrickBot malware. They note that a sophisticated group of cyber criminals are using phishing emails claiming to contain proof of traffic violations to lure victims into downloading TrickBot. TrickBot is a highly modular, multi-stage malware that provides its operators a full suite of tools to conduct a myriad of illegal cyber activities.
The FBI has published a Private Industry Notification (PIN) advising that it observed increased in business email compromise (BEC) actors targeting state, local, tribal, and territorial government entities for financial gain due to vulnerability exploitation and transparency requirements. It adds that the COVID-19 pandemic has exacerbated these challenges as many government entities shifted a significant portion of their workforce to remote work.
In its recent ICS Cybersecurity 2020 Year in Review Report (shared in the Security & Resilience Update for February 25, 2021) Dragos revealed four new ICS threat activity groups, KAMACITE, VANADINITE, STIBNITE, and
Network segmentation is a fundamental defense-in-depth strategy to limit communications across network boundaries and protect assets from unauthorized access. However, a commonly identified weakness during risk assessments is often a lack of appropriate network segmentation.
Kasperksy has published a special report looking back at how the cyber threat landscape has evolved since the beginning of the pandemic and how it might serve as an indicator of what to expect in years to come.
The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review an F5 advisory regarding multiple CVEs impacting BIG-IP and BIG-IQ devices and install updated software as soon as possible. CISA emphasizes that four of the CVEs involve critical remote code execution vulnerabilities, whereby an attacker could exploit these to take control of an affected system. Two related CVEs are buffer-overflow vulnerabilities.
The water treatment plant compromise in Oldsmar, Florida on February 5 led city officials to reassess and upgrade security measures at the facility, some of which are starting to be disclosed. Last week, the city council unanimously approved an upgrade for the plant’s supervisory controls and data acquisition software that allows a local firm to replace the facility’s current computers and software. It will also install a “simplified yet robust program” used by other local utilities, including a nearby electric utility, as well as install additional security.
The FBI has published a Private Industry Notification (PIN) advising that malicious actors will almost certainly leverage synthetic content for cyber and foreign operations in the next 12-18 months. The FBI reports that foreign actors are already using synthetic content in their influence campaigns and that they and criminal cyber actors will increasingly use this material for spear phishing and social engineering in an evolution of cyber operations tradecraft.
Used across multitude of facilities, often unmanaged and connected to the corporate network with little to no security, surveillance cameras provide an avenue for compromise. Compromise that usually leads to serious privacy concerns, but also opens the lens of access to the broader corporate network and for launching future attacks against customers. Attackers claim to have obtained privileged credentials for a high-level administrator at Verkada, an enterprise security camera solutions company.
1620 I Street, NW, Suite 500
Washington, DC 20006
1-866-H2O-ISAC (1-866-426-4722)
© 2025 WaterISAC. All Rights Reserved.
