Last week EPA’s Office of Water finalized a report describing how it plans to provide voluntary cybersecurity technical support to drinking water systems, the second of two cyber-related actions that were mandated by Congress last year as part of the Bipartisan Infrastructure Law.
The NSA and CISA have posted a minor update to the Kubernetes Hardening Guidance. The updated document can be accessed at NSA.
August 3, 2021
CSO Online has posted an article detailing how business email compromise (BEC) attacks continue to have a larger impact on the economy compared to ransomware attacks, despite the more significant amount of media attention devoted to the latter. Based off of data from the FBI, in 2021 BEC attacks were responsible for the loss of $2.4 billion, in comparison to a loss of $49.2 million to ransomware attacks. The article offers a few explanations for this mismatch between reality and expectation.
Cofense posted a blog detailing a phishing campaign utilizing unique tactics that is targeting multiple sectors, including energy, financial services, commercial real estate, food, and manufacturing. This campaign, which spoofs eFax and Microsoft 365, approaches targets in a nontraditional way by pretending to be from a survey site asking for customer feedback.
Despite the ability to significantly reduce the risk from account takeovers, MFA is not without its challenges. While MFA is a simple control to use, configuring it isn’t necessarily so seamless – yet it’s a control that can’t be dismissed. From MFA push notification fatigue to exploiting weaknesses in self-enrollment configurations, multiple threat actor types seem to be increasingly bypassing this important cyber defense technique.
The Cybersecurity and Infrastructure Security Agency (CISA) has published the following ICS vulnerability advisories, as well as alerts, updates, and bulletins:
ICS Vulnerability Advisories:
Alerts, Updates, and Bulletins:
A new report from Microsoft analyzes the evolving nature of the ransomware business into a ransomware as a service (RaaS) model and offers important lessons and recommendations for network defenders. The most notable finding, among others, is that over 80 percent of ransomware attacks can be traced to common configuration errors in software and devices. The RaaS model lowers the barrier to entry and obfuscates the identity of the attackers behind the ransomware.
The FBI has published a TLP:WHITE Private Industry Notification (PIN) warning that cyber criminals are leveraging proxies and configurations to mask and automate credential stuffing attacks on online customer accounts of U.S. businesses. These attacks, if successful, can lead to financial losses associated with fraudulent purchases, customers being notified, system downtime and remediation, and reputational cost.
The Cybersecurity and Infrastructure Security Agency (CISA) has published the following ICS vulnerability advisories, as well as alerts, updates, and bulletins:
ICS Vulnerability Advisories:
by Andrew Hildick-Smith
Attention: If the EPA or your primacy agency asks you to validate your basic Public Water Supply (PWS) system information, look extremely closely to the email and validate/verify the request is legitimate BEFORE you respond. Please view the attachment for screenshots of the actual phishing messages so you can spot and report similar scams.
What Happened?
1620 I Street, NW, Suite 500
Washington, DC 20006
1-866-H2O-ISAC (1-866-426-4722)
© 2025 WaterISAC. All Rights Reserved.
