Cybersecurity

Empowering Small and Medium-Sized Businesses: A Resource Guide for Developing a Resilient Supply Chain Risk Management Plan

The ICT SCRM Task Force’s newest resource, Empowering SMBs: A Resource Guide For Developing a Resilient Supply Chain Risk Management Plan, was created to provide a valuable starting point for small and medium-sized businesses (SMBs) to develop and tailor an information and communications technology (ICT) supply chain risk management (SCRM) plan that meets the needs of their business. The Task Force SMB Resource Guide is a supportive tool that an organization can leverage to establish an actionable SCRM plan that will support the mitigation of risks and disruptions to their supply chains.

Read more about Empowering Small and Medium-Sized Businesses: A Resource Guide for Developing a Resilient Supply Chain Risk Management Plan

CISA ICS Vulnerability Advisories and Alerts, Updates, and Bulletins – October 17, 2023

The Cybersecurity and Infrastructure Security Agency (CISA) has published the following ICS vulnerability advisories, as well as alerts, updates, and bulletins:

ICS Vulnerability Advisories:

CISA Releases Two Industrial Control Systems Advisories

Products are used across multiple sectors, please check these latest advisories for specific equipment used across your ICS environments and address accordingly.

Read more about CISA ICS Vulnerability Advisories and Alerts, Updates, and Bulletins – October 17, 2023

Supplemental Cyber Highlights – October 17, 2023

The following posts are useful for general awareness of current threats, vulnerabilities, guidance, and other cyber-related news or updates. These resources have been curated by the WaterISAC analyst team as items of broad relevance and benefit that do not need supplemental analysis at this time.

Critical Infrastructure Resilience

Read more about Supplemental Cyber Highlights – October 17, 2023

EPA Withdraws Interpretive Memorandum on PWS Cybersecurity

Note: WaterISAC does not maintain a position on this action, we are providing this development for your awareness.

Read more about EPA Withdraws Interpretive Memorandum on PWS Cybersecurity

Vulnerability Awareness – Cisco IOS XE Devices Targeted in Recent Zero-Day Exploitation

Action may be required for members using impacted appliances.

Read more about Vulnerability Awareness – Cisco IOS XE Devices Targeted in Recent Zero-Day Exploitation

Threat Awareness – Access Key Used in Vishing Campaign

In a recent report from Cofense, the significance of using voice messages for communication was brought to the forefront. The report highlighted an ongoing phishing campaign where threat actors strategically included an access key in the email content, alluring users into accessing what appeared to be a genuine voice message.

Read more about Threat Awareness – Access Key Used in Vishing Campaign

Unsubstantiated Ransomware Threats Against Colonial Pipeline: The Ongoing Challenge of False Allegations

Colonial Pipeline reported that there has been no disruption to its pipeline operations or systems following threats from a ransomware group known as Ransomed.vc, stating the claims made by Ransomed.vc are "unsubstantiated." To validate the security of its systems, Colonial Pipeline collaborated with its security and technology teams and CISA, confirming there had been no disruption to pipeline operations and that its system remained secure. It is believed that the files initially posted online appeared to be related to a third-party data breach that was unrelated to Colonial Pipeline.

Read more about Unsubstantiated Ransomware Threats Against Colonial Pipeline: The Ongoing Challenge of False Allegations

Supplemental Cyber Highlights – October 12, 2023

ICS/OT/SCADA Vulnerabilities & Threats

Read more about Supplemental Cyber Highlights – October 12, 2023

Threat Awareness – Phishing Campaign Leveraging LinkedIn Smart Links Returns to Siphon Microsoft Credentials

Cofense detected a surge in the abuse of LinkedIn Smart Links in phishing attacks allowing actors to bypass protection measures and evade detection. “Smart Links are part of LinkedIn's Sales Navigator service, used for marketing and tracking, allowing Business accounts to email content using trackable links to determine who engaged with it. Also, because Smart Link uses LinkedIn's domain followed by an eight-character code parameter, they appear to originate from a trustworthy source and bypass email protections” (Bleeping Computer, 2023).

Read more about Threat Awareness – Phishing Campaign Leveraging LinkedIn Smart Links Returns to Siphon Microsoft Credentials

Don’t Dismiss DDoS Defense

Google says it mitigated a series of DDoS attacks reaching a peak of 398 million requests per second (rps), which is nearly 9 times bigger than the largest-recorded DDoS attack last year, peaking at 46 million rps. The latest set of attacks started in August and are still ongoing. According to Google, the attacks rely on a novel technique dubbed “Rapid Reset” which leverages stream multiplexing, a feature of the widely adopted HTTP/2 protocol.

Read more about Don’t Dismiss DDoS Defense

You are here

Cybersecurity

Empowering Small and Medium-Sized Businesses: A Resource Guide for Developing a Resilient Supply Chain Risk Management Plan

CISA ICS Vulnerability Advisories and Alerts, Updates, and Bulletins – October 17, 2023

Supplemental Cyber Highlights – October 17, 2023

EPA Withdraws Interpretive Memorandum on PWS Cybersecurity

Vulnerability Awareness – Cisco IOS XE Devices Targeted in Recent Zero-Day Exploitation

Threat Awareness – Access Key Used in Vishing Campaign

Unsubstantiated Ransomware Threats Against Colonial Pipeline: The Ongoing Challenge of False Allegations

Supplemental Cyber Highlights – October 12, 2023

Threat Awareness – Phishing Campaign Leveraging LinkedIn Smart Links Returns to Siphon Microsoft Credentials

Don’t Dismiss DDoS Defense

Pages

You are here

Cybersecurity

Pages

Footer Email Signup