Cybersecurity

CISA Releases Advisory on Threat Actors Exploiting CVE-2023-26360 Vulnerability in Adobe ColdFusion

Today, CISA released a cybersecurity advisory “Threat Actors Exploit Adobe ColdFusion CVE-2023-26360 for Initial Access to Government Servers,” in response to confirmed exploitation of CVE-2023-26360 by unidentified threat actors at a federal civilian executive branch agency. This vulnerability presents as an improper access control issue impacting specific versions of Adobe ColdFusion, some of which are no longer supported.

Read more about CISA Releases Advisory on Threat Actors Exploiting CVE-2023-26360 Vulnerability in Adobe ColdFusion

Supplemental Cyber Highlights – December 5, 2023

The following posts are useful for general awareness of current threats, vulnerabilities, guidance, and other cyber-related news or updates. These resources have been curated by the WaterISAC analyst team as items of broad relevance and benefit that do not need supplemental analysis at this time.

Critical Infrastructure

Read more about Supplemental Cyber Highlights – December 5, 2023

CISA ICS Vulnerability Advisories and Alerts, Updates, and Bulletins – December 5, 2023

The Cybersecurity and Infrastructure Security Agency (CISA) has published the following ICS vulnerability advisories, as well as alerts, updates, and bulletins:

ICS Vulnerability Advisories:

CISA Releases Two Industrial Control Systems Advisories

Products are used across multiple sectors, please check these latest advisories for specific equipment used across your ICS environments and address accordingly.

Read more about CISA ICS Vulnerability Advisories and Alerts, Updates, and Bulletins – December 5, 2023

(TLP:CLEAR) Water Utility Control System Cyber Incident Advisory: ICS/SCADA Incident at Municipal Water Authority of Aliquippa (Updated November 30, 2023)

As WaterISAC continues to monitor for more information regarding this incident, we would like to make members aware that this may not be an isolated incident. There have been a few open source reports about additional incidents with similar characteristics having occurred at other US water and wastewater utilities. WaterISAC is currently attempting to confirm those reports.

Based on this information, as a reminder members are highly encouraged to:

Read more about (TLP:CLEAR) Water Utility Control System Cyber Incident Advisory: ICS/SCADA Incident at Municipal Water Authority of Aliquippa (Updated November 30, 2023)

Supplemental Cyber Highlights – November 30, 2023

Critical Infrastructure

Read more about Supplemental Cyber Highlights – November 30, 2023

CISA ICS Vulnerability Advisories and Alerts, Updates, and Bulletins – November 30, 2023

The Cybersecurity and Infrastructure Security Agency (CISA) has published the following ICS vulnerability advisories, as well as alerts, updates, and bulletins:

ICS Vulnerability Advisories:

CISA Releases Four Industrial Control Systems Advisories

Read more about CISA ICS Vulnerability Advisories and Alerts, Updates, and Bulletins – November 30, 2023

(TLP:CLEAR) CISA Releases Alert on Exploitation of Unitronics PLCs Used in Water and Wastewater Systems

As a follow up and in response to WaterISAC’s advisory yesterday on the incident at the Municipal Water Authority of Aliquippa, CISA just released an alert warning water and wastewater utilities of the exploitation of Unitronics PLCs.

Read more about (TLP:CLEAR) CISA Releases Alert on Exploitation of Unitronics PLCs Used in Water and Wastewater Systems

Proofpoint Report Unveils Threat of MFA Fatigue Attacks

A new Proofpoint report highlights MFA fatigue attacks, where users, bombarded by a continuous stream of MFA notifications, hastily approve requests out of frustration. Real-world examples include attacks on Uber, Cisco, and Microsoft by the Lapsus$ threat actor and underscore the prevalence and impact of these tactics.

Read more about Proofpoint Report Unveils Threat of MFA Fatigue Attacks

Microsoft Uncovers Diamond Sleet's Supply Chain Attack with LambLoad Malware

According to a new blog post by Microsoft, a North Korean-based threat actor dubbed Diamond Sleet has been observed distributing a malicious variant of a legitimate application installer developed by CyberLink Corp. to target customers in a supply chain attack. For its part, the trojanized file, which is hosted on CyberLink’s update infrastructure, includes malicious code that is designed to download, decrypt, and load a second-stage payload.

Read more about Microsoft Uncovers Diamond Sleet's Supply Chain Attack with LambLoad Malware

Supplemental Cyber Highlights – November 28, 2023

Critical Infrastructure

Read more about Supplemental Cyber Highlights – November 28, 2023

You are here

Cybersecurity

CISA Releases Advisory on Threat Actors Exploiting CVE-2023-26360 Vulnerability in Adobe ColdFusion

Supplemental Cyber Highlights – December 5, 2023

CISA ICS Vulnerability Advisories and Alerts, Updates, and Bulletins – December 5, 2023

(TLP:CLEAR) Water Utility Control System Cyber Incident Advisory: ICS/SCADA Incident at Municipal Water Authority of Aliquippa (Updated November 30, 2023)

Supplemental Cyber Highlights – November 30, 2023

CISA ICS Vulnerability Advisories and Alerts, Updates, and Bulletins – November 30, 2023

(TLP:CLEAR) CISA Releases Alert on Exploitation of Unitronics PLCs Used in Water and Wastewater Systems

Proofpoint Report Unveils Threat of MFA Fatigue Attacks

Microsoft Uncovers Diamond Sleet's Supply Chain Attack with LambLoad Malware

Supplemental Cyber Highlights – November 28, 2023

Pages

You are here

Cybersecurity

Pages

Footer Email Signup