Cybersecurity

FBI Tech Tuesday on Building a Digital Defense against Ransomware

As part of the FBI’s Tech Tuesday series, the Phoenix, Arizona office has published an article warning about ransomware attacks. The FBI notes that scammers often send ransomware through email phishing campaigns. Victims can unknowingly download ransomware onto a computer by opening an email attachment, clicking an ad, following a link, or even visiting a website that’s embedded with malware. The article lists tips for protecting oneself and one’s organization, including disabling unused remote access/RDP ports and monitoring remote access/RDP logs.

CISA and FBI Joint Advisory on TrickBot Malware

The Cybersecurity and Infrastructure Security Agency (CISA) and the FBI have released a Joint Cybersecurity Advisory (CSA) on TrickBot malware. They note that a sophisticated group of cyber criminals is using phishing emails claiming to contain proof of traffic violations to lure victims into downloading TrickBot. TrickBot is a highly modular, multi-stage malware that provides its operators a full suite of tools to conduct a myriad of illegal cyber activities.

FBI PIN: Business Email Compromise Actors Targeting Governments, Straining Resources

The FBI has published a Private Industry Notification (PIN) advising that it observed an increase in business email compromise (BEC) actors targeting state, local, tribal, and territorial government entities for financial gain due to vulnerability exploitation and transparency requirements. It adds that the COVID-19 pandemic has exacerbated these challenges as many government entities shifted a significant portion of their workforce to remote work.

CISA Encourages Users and Administrators Update Vulnerable F5 BIG-IP and BIG-IQ Devices

The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review an F5 advisory regarding multiple CVEs impacting BIG-IP and BIG-IQ devices and install updated software as soon as possible. CISA emphasizes that four of the CVEs involve critical remote code execution vulnerabilities that an attacker could exploit to take control of an affected system. Two related CVEs are buffer-overflow vulnerabilities.
