The following posts are useful for general awareness of current cyber threats, vulnerabilities, guidance, and other cyber-related news or updates. These resources have been curated by the WaterISAC analyst team as items of broad relevance and benefit that do not need supplemental analysis at this time.
Critical Infrastructure Resilience
Effective employee offboarding is a critical yet often overlooked aspect of organizational security. As employees transition out of a company, whether voluntarily or involuntarily, it is essential to manage the offboarding process thoughtfully and strategically. A well-executed offboarding experience not only leaves a positive impression on departing employees but will protect sensitive information and ensure the seamless transfer of responsibilities.
Ransomware actors continually refine their methods to take advantage of vulnerabilities and extort ransoms from both organizations and individuals. These attacks can disrupt core services and inflict serious financial and reputational harm underscoring the importance of maintaining constant vigilance. To do so, it is essential to understand the signs and typical mistakes that lead to these attacks. By identifying early warning signs and proactively addressing security vulnerabilities, organizations can protect themselves from becoming targets of ransomware.
Yesterday, the FBI announced a nationwide campaign titled “Take A Beat” to increase awareness of Fraud and Scams impacting the public and to encourage reporting to law enforcement. During this campaign, the FBI will provide the public with information to raise awareness about various types of fraud and scams, offer tips for recognizing and preventing them, and explain how victims can report incidents to help protect others.
The Cybersecurity and Infrastructure Security Agency (CISA) has published the following ICS security advisories, along with additional alerts, updates, and bulletins:
ICS Advisories:
Additional Alerts, Updates, and Bulletins:
The following posts are useful for general awareness of current cyber threats, vulnerabilities, guidance, and other cyber-related news or updates. These resources have been curated by the WaterISAC analyst team as items of broad relevance and benefit that do not need supplemental analysis at this time.
Critical Infrastructure Incidents & Resilience
There was a notable rise in ransomware attacks targeting industrial organizations in the second quarter of 2024 compared to the prior quarter according to the “Dragos Industrial Ransomware Analysis: Q2 2024” report. The report highlights a significant resurgence in threat actor activity, with large ransomware groups such as Royal ransomware and the Knight groups, rebranding as BlackSuit and RansomHub, respectively.
A recent phishing attack has been observed using a new type of information stealing malware designed to exfiltrate a wide range of sensitive information. Once initiated, the malware targets not only traditional data types like saved passwords, but also session cookies, credit card information, Bitcoin-related extensions, and browsing history. It is engineered to collect comprehensive browser information and files, and then email the stolen data to various email domains owned by the attacker.
Develop a viable defense and threat actors will inevitably find a way to bypass it. That’s the endless game of cat-and-mouse, especially in the cybersecurity world. A historical example was the old advice to ‘never open an email from someone you don’t know,’ so threat actors now expertly purport to be or impersonate someone (or something, as in the case of a well-known brand) we do know. A more recent example concerns multifactor authentication (MFA).
The Cybersecurity and Infrastructure Security Agency (CISA) has published the following Industrial Control System (ICS) security advisories, along with additional alerts, updates, and bulletins:
ICS Advisories
1620 I Street, NW, Suite 500
Washington, DC 20006
1-866-H2O-ISAC (1-866-426-4722)
© 2025 WaterISAC. All Rights Reserved.
