Cybersecurity

CISA Alert – Royal Ransomware Actors Rebrand as “BlackSuit,” FBI and CISA Release Update to Joint Advisory

The FBI and CISA recently published an update to the joint Cybersecurity Advisory “#StopRansomware: Royal Ransomware.” The updated advisory provides network defenders with recent and historically observed tactics, techniques, and procedures (TTPs) and indicators of compromise (IOCs) associated with BlackSuit variants (previously Royal). FBI investigations identified these TTPs and IOCs as recently as July 2024.

Read more about CISA Alert – Royal Ransomware Actors Rebrand as “BlackSuit,” FBI and CISA Release Update to Joint Advisory

CISA ICS Advisories, Additional Alerts, Updates, and Bulletins – August 8, 2024

The Cybersecurity and Infrastructure Security Agency (CISA) has published the following ICS security advisories, along with additional alerts, updates, and bulletins:

ICS Advisories:

Read more about CISA ICS Advisories, Additional Alerts, Updates, and Bulletins – August 8, 2024

CISA ICS Advisories, Additional Alerts, Updates, and Bulletins – August 1, 2024

The Cybersecurity and Infrastructure Security Agency (CISA) has published the following ICS security advisories, along with additional alerts, updates, and bulletins:

ICS Advisories:

Read more about CISA ICS Advisories, Additional Alerts, Updates, and Bulletins – August 1, 2024

Supplemental Cyber Highlights – August 1, 2024

The following posts are useful for general awareness of current cyber threats, vulnerabilities, guidance, and other cyber-related news or updates. These resources have been curated by the WaterISAC analyst team as items of broad relevance and benefit that do not need supplemental analysis at this time.

Critical Infrastructure

Read more about Supplemental Cyber Highlights – August 1, 2024

Situational Awareness – DigiCert Certificate Revocations and Possible Impact to Critical Infrastructure

DigiCert, a leading certificate authority (CA), began revoking thousands of SSL/TLS certificates due to a recently identified domain validation flaw. On July 29, the company informed its customers of the urgent need to revoke these certificates, citing strict compliance requirements set by the CA/Browser Forum (CABF). Initially, it was estimated that about 0.4% of validations were impacted; however, further discussions revealed that more than 83,000 certificates and over 6,800 subscribers were affected.

Read more about Situational Awareness – DigiCert Certificate Revocations and Possible Impact to Critical Infrastructure

Fraud Alert – EPA Office of Inspector General Issues Notice of Violation Phishing Scam

The EPA Office of Inspector General (OIG) has issued a fraud alert regarding a recent trend involving phishing scams that utilize fraudulent EPA Notice of Violation letters. In this scheme, scammers send counterfeit letters to businesses, falsely claiming they have violated environmental regulations like the Clean Air Act and demanding immediate payment of substantial fines.

Read more about Fraud Alert – EPA Office of Inspector General Issues Notice of Violation Phishing Scam

CISA Publishes Resources for Onboarding and Employment Screening to Help Manage the Risk of Insider Threats

Last week, CISA released a new resource, "Resources for Onboarding and Employment Screening," designed for critical infrastructure leaders, human resources (HR) personnel, and managers at any level. This fact sheet provides actionable recommendations and resources for vetting and screening of individuals prior to hiring into an organization. Overall, the goal in conducting personnel vetting and background checks is to reduce the potential for insider threat activity.

Read more about CISA Publishes Resources for Onboarding and Employment Screening to Help Manage the Risk of Insider Threats

Supplemental Cyber Highlights – July 30, 2024

CrowdStrike

Read more about Supplemental Cyber Highlights – July 30, 2024

CISA ICS Advisories, Additional Alerts, Updates, and Bulletins – July 30, 2024

The Cybersecurity and Infrastructure Security Agency (CISA) has published the following ICS security advisories, along with additional alerts, updates, and bulletins:

ICS Advisories:

No new ICS advisories to report.

Additional Alerts, Updates, and Bulletins:

Read more about CISA ICS Advisories, Additional Alerts, Updates, and Bulletins – July 30, 2024

Threat Awareness – Another PowerShell “fix” Compromise via the Clipboard

In the Security & Resilience Update on June 18, 2024, WaterISAC shared research from Proofpoint on increased activity it has observed leveraging unique social engineering that directs users to copy and paste malicious PowerShell scripts to infect computers with malware.

Read more about Threat Awareness – Another PowerShell “fix” Compromise via the Clipboard

You are here

Cybersecurity

CISA Alert – Royal Ransomware Actors Rebrand as “BlackSuit,” FBI and CISA Release Update to Joint Advisory

CISA ICS Advisories, Additional Alerts, Updates, and Bulletins – August 8, 2024

CISA ICS Advisories, Additional Alerts, Updates, and Bulletins – August 1, 2024

Supplemental Cyber Highlights – August 1, 2024

Situational Awareness – DigiCert Certificate Revocations and Possible Impact to Critical Infrastructure

Fraud Alert – EPA Office of Inspector General Issues Notice of Violation Phishing Scam

CISA Publishes Resources for Onboarding and Employment Screening to Help Manage the Risk of Insider Threats

Supplemental Cyber Highlights – July 30, 2024

CISA ICS Advisories, Additional Alerts, Updates, and Bulletins – July 30, 2024

Threat Awareness – Another PowerShell “fix” Compromise via the Clipboard

Pages

You are here

Cybersecurity

Pages

Footer Email Signup