(TLP:CLEAR) July 23, 2025 WaterISAC Champion Briefing - ThreatSTOP
Summary: WaterISAC and its Champion ThreatSTOP hosted a dedicated webinar on strengthening cyber resilience in the water sector on Wednesday, July 23. In the session, Dr.
Cybersecurity
(TLP:CLEAR) FBI PSA: North Korean IT Worker Threats to U.S. Businesses
Summary: Yesterday, the FBI released a Public Service Announcement (PSA) providing an update to previously shared guidance regarding the Democratic People’s Republic of Korea (North Korea) IT worker threat to U.S. organizations. The PSA shares how North Korea is evading U.S. and U.N. sanctions by targeting private companies to illicitly generate substantial revenue for the regime.
(TLP:CLEAR) Joint Cybersecurity Advisory - #StopRansomware: Interlock Ransomware
Note: This joint Cybersecurity Advisory (CSA) is part of an ongoing #StopRansomware effort to publish advisories for network defenders that detail various ransomware variants and ransomware threat actors. These #StopRansomware advisories include recently and historically observed tactics, techniques, and procedures (TTPs) and indicators of compromise (IOCs) to help organizations protect against ransomware.
(TLP:CLEAR) Supplemental Cyber Highlights – July 24, 2025
The following posts are useful for general awareness of current cyber threats, vulnerabilities, guidance, and other cyber-related news or updates. These resources have been curated by the WaterISAC analyst team as items of broad relevance and benefit that do not need supplemental analysis at this time.
Critical Infrastructure Resilience
(TLP:CLEAR) CISA ICS Advisories, Additional Alerts, Updates, and Bulletins – July 24, 2025
ICS Advisories:
On July 24, 2025, CISA Released Six Industrial Control Systems Advisories for products used across multiple sectors, please check these latest advisories for specific equipment used across your ICS/SCADA environments and address accordingly:
(TLP:CLEAR) WaterISAC's Quarterly Water Sector Incident Summary, January to March 2025 - Executive Summary
Water and wastewater owners and operators are encouraged to review WaterISAC's Q1 2025, Quarterly Water Sector Incident Summary executive summary. This one-pager is ideal for sharing with your non-technical and leadership staff to quickly align on current threats and mitigation actions.
(TLP:CLEAR) WaterISAC Advisory - ACTION MAY BE REQUIRED: Critical Vulnerabilities in On-Premises SharePoint Server Actively Exploited (Updated July 24, 2025)
July 24, 2025
CISA continues to update reporting on this ongoing activity, as threat actor tactics, techniques, and procedures (TTPs) continue to evolve. This update contains additional information on the deployment of ransomware, new webshells involved in exploitation, and enhanced detection guidance.
July 22, 2025
(TLP:CLEAR) AWWA’s New and Revised Cybersecurity Resources
Summary: WaterISAC is pleased to share that the American Water Works Association (AWWA), with the help of many subject matter experts (SMEs) within the water sector including WaterISAC, has released significant updates and revisions to its cybersecurity resources to aid utilities in building their cyber resilience. This comes as water and wastewater systems in the U.S.
(TLP:CLEAR) PoC Exploits for Pre-Auth Fortinet FortiWeb RCE Vulnerability Released (CVE-2025-25257)
Summary: Proof-of-Concept (PoC) exploits have been released for a vulnerability in Fortinet FortiWeb that WaterISAC drew awareness to in last week’s SRU.
(TLP:CLEAR) Supplemental Cyber Highlights – July 17, 2025
The following posts are useful for general awareness of current cyber threats, vulnerabilities, guidance, and other cyber-related news or updates. These resources have been curated by the WaterISAC analyst team as items of broad relevance and benefit that do not need supplemental analysis at this time.
Critical Infrastructure Resilience
Pages
