The following posts are useful for general awareness of current cyber threats, vulnerabilities, guidance, and other cyber-related news or updates. These resources have been curated by the WaterISAC analyst team as items of broad relevance and benefit that do not need supplemental analysis at this time.
Critical Infrastructure
GuidePoint Security’s GRIT Q1 2024 Ransomware Report observes major shifts in the behavioral patterns of ransomware groups following law enforcement activity. According to the report, Q1 closed with a significant year-over-year increase in both the number of reported ransomware victims and the number of overall ransomware groups.
The Information Technology – Information Sharing and Analysis Center (IT-ISAC) recently released a ransomware report titled Exploring the Depths: An analysis of the 2023 Ransomware Landscape and Insights for 2024 (see attached). The report uses data drawn from open-source sites, the dark web, member input, and information shared between National Council of ISAC members. The IT-ISAC tracked 18 new ransomware groups in 2023 and highlights how new ransomware strains continue to emerge despite recent law enforcement efforts.
Key takeaways from the report include:
Given widespread use of Cisco ASA and FTD, WaterISAC is emphasizing these vulnerabilities for awareness. Members using impacted Cisco ASA devices and FTD software are strongly encouraged to address promptly.
Yesterday, Cisco released security updates to address ArcaneDoor—exploitation of Cisco Adaptive Security Appliances (ASA) devices and Cisco Firepower Threat Defense (FTD) software. A cyber threat actor could exploit vulnerabilities (CVE-2024-20353, CVE-2024-20359, CVE-2024-20358) to install a backdoor to later take control of an affected system.
CISA ICS Vulnerability Advisories and Alerts, Updates, and Bulletins – April 25, 2024
The Cybersecurity and Infrastructure Security Agency (CISA) has published the following ICS vulnerability advisories, as well as alerts, updates, and bulletins:
ICS Vulnerability Advisories:
Mandiant recently released its M-Trends 2024 report which highlights targeted attack activity of 4000 different attack groups throughout 2023. It provides a deep look at the evolving cyber threat landscape taken from Mandiant’s incident response investigations and threat intelligence analysis of high-impact attacks around the globe.
Some main points from the report include:
During a speech at Vanderbilt University, FBI Director Christopher Wray drew more attention to the threat from Chinese hacking operations on U.S. critical infrastructure and warned that the situation has become even more urgent. See WaterISAC’s previous coverage of the preeminent cyber threat posed by the PRC.
The following posts are useful for general awareness of current cyber threats, vulnerabilities, guidance, and other cyber-related news or updates. These resources have been curated by the WaterISAC analyst team as items of broad relevance and benefit that do not need supplemental analysis at this time.
Critical Infrastructure
CISA ICS Vulnerability Advisories and Alerts, Updates, and Bulletins – April 23, 2024
The Cybersecurity and Infrastructure Security Agency (CISA) has published the following ICS vulnerability advisories, as well as alerts, updates, and bulletins:
ICS Vulnerability Advisories:
Note: This joint Cybersecurity Advisory (CSA) is part of an ongoing #StopRansomware effort to publish advisories for network defenders that detail various ransomware variants and ransomware threat actors. These #StopRansomware advisories include recently and historically observed tactics, techniques, and procedures (TTPs) and indicators of compromise (IOCs) to help organizations protect against ransomware.
1620 I Street, NW, Suite 500
Washington, DC 20006
1-866-H2O-ISAC (1-866-426-4722)
© 2025 WaterISAC. All Rights Reserved.
