A Menacing Duo – Ransomware and Emotet
Prior to the WaterISAC advisory on Friday, members have had plenty of reason to keep ransomware top of mind, including the significant increase in Emotet detections since the trojan’s reawakening this July.
The National Council of ISACs (NCI), of which WaterISAC is a member, has published a report describing how criminal organizations conduct ransomware operations and their impact on society. The report provides a thorough background on ransomware, including descriptions of how ransomware infections occur and key statistics. One of these statistics is an estimate from the FBI that there are 4,000 ransomware attacks every day, equating to a ransomware attack every 40 seconds.
On the topic of activities that could help trigger election-related civil unrest and violence, the Cybersecurity and Infrastructure Security Agency (CISA) and the Federal Bureau of Investigation (FBI) have released a joint cybersecurity advisory on an Iranian advanced persistent threat (APT) actor targeting U.S. state websites, including elections websites, to obtain voter registration data. CISA and the FBI assess this actor is responsible for the mass dissemination of voter intimidation emails to U.S. citizens and the dissemination of U.S.
We ended our ‘15CFAM’ campaign in recognition of NCSAM (National Cybersecurity Awareness Month) with a preview to November. Just in case you haven’t had your fill of acronym-soup, we have one more helping. For those of us who support the critical infrastructures that maintain our way of life, November’s recognition of Critical Infrastructure Security and Resilience (CISRM) is the most relevant.
The U.S. Department of Homeland Security (DHS) Cybersecurity and Infrastructure Security Agency (CISA) has published a TLP:WHITE Malware Analysis Report (MAR) regarding a malware variant known as Zebrocy. According to the MAR, this malware has been used by a sophisticated cyber actor. This MAR is being distributed to enable network defense and reduced exposure to malicious activity.
The U.S. Department of Homeland Security (DHS) Cybersecurity and Infrastructure Security Agency (CISA) has published a TLP:WHITE Malware Analysis Report (MAR) regarding a malware variant known as ComRAT. According to the MAR, this malware has been used by Turla, a Russian-sponsored Advanced Persistent Threat (APT) actor. This MAR is being distributed to enable network defense and reduced exposure to malicious activity.
Perhaps we’re biased, but the adage, “cybersecurity is a shared responsibility,” seems to aptly embody information sharing more than anything else. Information sharing and collaboration take many forms. From Information Sharing & Analysis Centers/Organizations (ISACs/ISAOs) - like WaterISAC - to regional and local collaboration groups, and even trusted one-on-one interactions, sharing threat information (across all-hazards) is imperative for the security and resilience of any organization, sector, community, region, or nation.
CISA has published an advisory on improper restriction of operations within the bounds of a memory buffer, session fixation, NULL pointer dereference, improper access control, argument injection, and resource management errors vulnerabilities in Mitsubishi Electric MELSEC iQ-R. Numerous versions of the products in these series are affected. Successful exploitation of these vulnerabilities by malicious attackers may result in network functions entering a denial-of-service condition or allow malware execution.
CISA has published an advisory on an uncontrolled resource consumption vulnerability in Mitsubishi Electric MELSEC iQ-R, Q and L Series. Numerous versions of the products in these series are affected. Successful exploitation of this vulnerability could cause a denial-of-service condition in the Ethernet port on the CPU module. Mitsubishi Electric recommends users take a series of mitigation measures to minimize the risk of exploitation of this vulnerability. CISA has also provided a series of measures to help mitigate the vulnerability.
October 29, 2020
CISA has updated this advisory with additional information on the affected products and mitigation measures. Read the advisory at CISA.
October 8, 2020