On Monday, as reported by WaterISAC, experts from DHS hosted a public briefing not only confirming the presence of Russian government sponsored cyber threat actors lurking within U.S. critical infrastructure networks, but that they have the ability to throw switches at any time and have refrained thus far.
The NCCIC advises that Digital Shadows Ltd. and Onapsis Inc. have released a report describing an increase in the exploitation of vulnerabilities in Enterprise Resource Planning (ERP) applications. ERP applications help organizations manage critical business processes—such as product lifecycle management, customer relationship management, and supply chain management. An attacker can exploit these vulnerabilities to obtain access to sensitive information.
July 24, 2018
The NCCIC has updated this advisory with additional details on equipment, affected products, and mitigation measures. ICS-CERT.
March 20, 2018
Private sector companies had a key role in the U.S. government’s attribution of last year’s WannaCry ransomware epidemic to North Korea, said Office of the Director of National Intelligence (ODNI) Cyber Threat Intelligence Integration Center (CTIIC) Director Tonya Ugoretz. She explained CTIIC learned of information about WannaCry that had been fed to the Department of Homeland Security by its private sector partners. This information allowed the U.S.
The National Institute of Standards and Technology (NIST) has released a special publication that provides guidance and best practices for electric utilities to securely and efficiently manage access to the networked devices and facilities on which power generation, transmission, and distribution depend. According to NIST, such guidance is especially necessary now given the challenges posed by the convergence of OT and IT departments.
The NCCIC reports it is aware of a vulnerability affecting Bluetooth firmware and operating system software drivers. A remote attacker could exploit this vulnerability to obtain sensitive information.
The NCCIC has released a Threat Alert on the Emotet malware, an advanced, modular banking Trojan that primarily functions as a downloader or dropper of other banking Trojans. Emotet continues to be among the most costly and destructive malware affecting state, local, tribal, and territorial (SLTT) governments, and the private and public sectors. Emotet is disseminated through malspam (emails containing malicious attachments or links) that uses branding familiar to the recipient and imitates PayPal receipts, shipping notifications, or “past-due” invoices.
Cybersecurity firm, CrowdStrike published results for a new survey on Securing the Supply Chain.
Yesterday, the U.S. Department of Homeland Security (DHS) hosted an unclassified, virtual awareness briefing in its NCCIC Awareness Briefing series, titled, Russian Activity Against Critical Infrastructure.
The NCCIC has released an advisory on a resource exhaustion vulnerability in Moxa Nport 5210 5230 5232. Versions 2.9 build 17030709 and prior are affected. Successful exploitation of this vulnerability could allow a remote attacker to send TCP SYN packages, causing a resource exhaustion condition that would cause the device to become unavailable. Moxa recommends that users upgrade to the latest firmware version.
1620 I Street, NW, Suite 500
Washington, DC 20006
1-866-H2O-ISAC (1-866-426-4722)
© 2025 WaterISAC. All Rights Reserved.
