The Cybersecurity and Infrastructure Security Agency (CISA) has published the following ICS vulnerability advisories, as well as alerts, updates, and bulletins:
ICS Vulnerability Advisories:
Business email compromise (BEC) and vendor email compromise (VEC) are accurately and often discussed as impersonation-style cyber attacks where threat actors purport to be someone we have an existing trust relationship with. The intent of this ruse is to give phishing ploys a level of credibility to increase the chance of success. Some impersonation-style attacks are little more than amateurs attempting to spoof a trusted sender.
The Cybersecurity and Infrastructure Security Agency (CISA) has published the following ICS vulnerability advisories, as well as alerts, updates, and bulletins:
ICS Vulnerability Advisories:
Threat Actors could exploit GIFs in Microsoft Teams to conduct phishing attacks, exfiltrate data, bypass security controls, and perform command execution via a novel attack technique dubbed “GIFShell.” The new attack technique chains together multiple security vulnerabilities in Microsoft Teams to compromise potential victims.
An increasing number of ransomware gangs are embracing a new tactic that allows them to encrypt their victims' systems faster while reducing the odds of being detected, according to a new report from SentinelLabs. This tactic is known as intermittent encryption and involves encrypting only portions of the targeted files' content, which still renders the data unrecoverable without a valid decryptor+key.
The North Korean sponsored advanced persistent threat (APT) Lazarus Group has been targeting energy providers across the world since February 2022 and employing new malware in their attacks, according to security researchers at Cisco Talos. Lazarus Group threat actors gain initial access via the exploitation of the Log4j vulnerability on exposed VMware Horizon servers. After gaining initial access, the attackers establish persistence on the victim networks’, conduct lateral movement, and deploy malware.
Understanding all the systems and devices that make up your organization’s network is a critical first step in establishing a cyber risk management strategy. Since you cannot defend or secure what you do not know you have, performing asset inventories to gain network visibility is critical for all organizations large and small. According to Tenable, organizations that have full network visibility “are better positioned to understand where the greatest risks are within their environment and start taking the necessary steps to mitigate risk where it matters most.”
More than half of companies surveyed worldwide know a partner or vendor that has been impacted by ransomware. Still, few organizations are working to address supply chain vulnerabilities, according to a new report from Trend Micro. To conduct its study, Trend Micro survey around 3000 IT leaders across 26 countries. Among other findings, the report discovered that around 25 percent of all data breaches are due to ransomware.
September is National Insider Threat Awareness Month (NITAM), a time dedicated to spreading awareness in government and industry about the risks posed by insider threats and the role of insider threat programs. This year’s theme is “Critical Thinking in Digital Spaces,” which encourages engaging in critical thinking to recognize and avoid falling victim to insider threats.
The Cybersecurity and Infrastructure Security Agency (CISA) has published the following ICS vulnerability advisories, as well as alerts, updates, and bulletins:
ICS Vulnerability Advisories:
Alerts, Updates, and Bulletins:
1620 I Street, NW, Suite 500
Washington, DC 20006
1-866-H2O-ISAC (1-866-426-4722)
© 2025 WaterISAC. All Rights Reserved.
