Cybersecurity

CISA Cybersecurity Advisory – Red Team’s Operations Against a Federal Civilian Executive Branch Organization Highlights the Necessity of Defense-in-Depth

CISA released a Cybersecurity Advisory (CSA) today, “CISA Red Team’s Operations Against a Federal Civilian Executive Branch Organization Highlights the Necessity of Defense-in-Depth.” This CSA details key findings and lessons learned from a 2023 assessment – which was performed as a no-notice, long-term simulation of nation-state cyber operations – along with the red team’s tactics, techniques, and procedures (TTPs) and associated network defense activity.

Read more about CISA Cybersecurity Advisory – Red Team’s Operations Against a Federal Civilian Executive Branch Organization Highlights the Necessity of Defense-in-Depth

Ransomware Resilience – Understanding Ransomware Behaviors and the Typical Ransomware Attack Chain

While ransomware attacks are seemingly on the rise, as indicated by Mandiant, understanding the attackers’ “playbook” is a worth-while endeavor for any cybersecurity team. Recent research conducted by Cisco Talos helps do just that.

Read more about Ransomware Resilience – Understanding Ransomware Behaviors and the Typical Ransomware Attack Chain

NSA Cybersecurity Information Sheet: Advancing Zero Trust Maturity Throughout the Automation and Orchestration Pillar

The NSA published another Cybersecurity Information Sheet (CSI) today, its final zero-trust report, focusing on the Automation and Orchestration pillar of the Zero Trust (ZT) framework. The CSI is intended to help organizations better detect cyber threats and respond to common threats faster. It provides recommendations for automating routine tasks to better focus resources on investigating anomalies associated with advanced tactics, techniques, and procedures.

Read more about NSA Cybersecurity Information Sheet: Advancing Zero Trust Maturity Throughout the Automation and Orchestration Pillar

Partner Report - CISA and FBI Release Secure by Design Alert on Eliminating OS Command Injection Vulnerabilities

Yesterday, CISA and the FBI released a Secure by Design Alert, Eliminating OS Command Injection Vulnerabilities, in response to recent well-publicized threat actor campaigns that exploited OS command injection defects in network edge devices to target and compromise users.

Read more about Partner Report - CISA and FBI Release Secure by Design Alert on Eliminating OS Command Injection Vulnerabilities

CISA ICS Advisories, Additional Alerts, Updates, and Bulletins – July 11, 2024

The Cybersecurity and Infrastructure Security Agency (CISA) has published the following ICS security advisories, along with additional alerts, updates, and bulletins:

ICS Advisories:

Read more about CISA ICS Advisories, Additional Alerts, Updates, and Bulletins – July 11, 2024

CISA Releases Guidebook on Operational Security

Last week, CISA released a guidance document, “Guide to Operational Security for Election Officials,” which offers an overview of operational security, highlighting potential risks and offering practical mitigation measures. Although the product focuses on election infrastructure, the mitigation guidance is applicable to every critical infrastructure organization.

Read more about CISA Releases Guidebook on Operational Security

Supplemental Cyber Highlights – July 9, 2024

The following posts are useful for general awareness of current cyber threats, vulnerabilities, guidance, and other cyber-related news or updates. These resources have been curated by the WaterISAC analyst team as items of broad relevance and benefit that do not need supplemental analysis at this time.

Critical Infrastructure

Read more about Supplemental Cyber Highlights – July 9, 2024

ODNI Graphic – Recent Cyber Attacks on U.S. Infrastructure Underscore Vulnerability of Critical Systems

The Office of the Director of National Intelligence (ODNI) recently published a graphic depicting the vulnerability to U.S. industrial control systems. The graphic includes top recommendations and guidance from CISA, the EPA, FBI, and WaterISAC. The dataset was provided by the Cyber Threat Intelligence Integration Center (CTIIC) that captures cyber attacks on industrial systems from November 23, 2023 through April 22, 2024.

Read more about ODNI Graphic – Recent Cyber Attacks on U.S. Infrastructure Underscore Vulnerability of Critical Systems

Cyber Resilience – Incident Response Planning, Communication is Key

As data breaches continue to impact organizations at an increasing rate, the importance of effective cyber incident response is more important than ever. WaterISAC is sharing resources and tools to help utilities prepare for and implement this crucial aspect of organizational resilience.

Read more about Cyber Resilience – Incident Response Planning, Communication is Key

Security Awareness – “RockYou2024” Password Compilation Leak Boasts “Largest of all Time”

Cybersecurity researchers have recently reported that threat actors leaked a significant compilation of passwords on a popular hacking forum totaling 9.9 billion passwords. The compilation, known as “RockYou2024” was posted by a user named “ObamaCare” on July 4, and boasts the “largest password compilation of all time.” These kinds of sensational headlines are indeed notable. However, it’s important to note that this is not a new development, nor are these believed to all be newly leaked credentials.

Read more about Security Awareness – “RockYou2024” Password Compilation Leak Boasts “Largest of all Time”

You are here

Cybersecurity

CISA Cybersecurity Advisory – Red Team’s Operations Against a Federal Civilian Executive Branch Organization Highlights the Necessity of Defense-in-Depth

Ransomware Resilience – Understanding Ransomware Behaviors and the Typical Ransomware Attack Chain

NSA Cybersecurity Information Sheet: Advancing Zero Trust Maturity Throughout the Automation and Orchestration Pillar

Partner Report - CISA and FBI Release Secure by Design Alert on Eliminating OS Command Injection Vulnerabilities

CISA ICS Advisories, Additional Alerts, Updates, and Bulletins – July 11, 2024

CISA Releases Guidebook on Operational Security

Supplemental Cyber Highlights – July 9, 2024

ODNI Graphic – Recent Cyber Attacks on U.S. Infrastructure Underscore Vulnerability of Critical Systems

Cyber Resilience – Incident Response Planning, Communication is Key

Security Awareness – “RockYou2024” Password Compilation Leak Boasts “Largest of all Time”

Pages

You are here

Cybersecurity

Pages

Footer Email Signup