The following posts are useful for general awareness of current threats, vulnerabilities, guidance, and other cyber-related news or updates. These resources have been curated by the WaterISAC analyst team as items of broad relevance and benefit that do not need supplemental analysis at this time.
Critical Infrastructure Resilience
The Cybersecurity and Infrastructure Security Agency (CISA) has published the following ICS vulnerability advisories, as well as alerts, updates, and bulletins:
ICS Vulnerability Advisories:
CISA Releases Four Industrial Control Systems Advisories
Products are used across multiple sectors, please check these latest advisories for specific equipment used across your ICS environments and address accordingly.
FEMA and CISA have released the joint guide Planning Considerations for Cyber Incidents: Guidance for Emergency Managers to provide state, local, tribal, and territorial (SLTT) emergency managers with foundational knowledge of cyber incidents to increase cyber preparedness efforts in their jurisdictions.
November 7, 2023
In 2021, Anonymous declared a cyber war against Russia after the Ukraine invasion, with similar tactics seen in the Israel-Hamas conflict. While global cybersecurity has improved over 19 months (about 1 and a half years), U.S. companies still face persistent threats:
The following posts are useful for general awareness of current threats, vulnerabilities, guidance, and other cyber-related news or updates. These resources have been curated by the WaterISAC analyst team as items of broad relevance and benefit that do not need supplemental analysis at this time.
Critical Infrastructure Resilience
The Cybersecurity and Infrastructure Security Agency (CISA) has published the following ICS vulnerability advisories, as well as alerts, updates, and bulletins:
ICS Vulnerability Advisories:
CISA Releases One Industrial Control Systems Advisory
Products are used across multiple sectors, please check these latest advisories for specific equipment used across your ICS environments and address accordingly.
The following posts are useful for general awareness of current threats, vulnerabilities, guidance, and other cyber-related news or updates. These resources have been curated by the WaterISAC analyst team as items of broad relevance and benefit that do not need supplemental analysis at this time.
IT Vulnerabilities, Malware & Threats
The Cybersecurity and Infrastructure Security Agency (CISA) has published the following ICS vulnerability advisories, as well as alerts, updates, and bulletins:
ICS Vulnerability Advisories:
CISA Releases Six Industrial Control Systems Advisories
Products are used across multiple sectors, please check these latest advisories for specific equipment used across your ICS environments and address accordingly.
Cybersecurity firm Deep Instinct recently observed a new spear-phishing campaign from the Iranian state-sponsored group “Muddy Water” targeting two entities in Israel using updated TTPs. In the past, Muddy Water has used PDF, RTF, and HTML attachments containing links to archives hosted on various file-sharing platforms. These archives contain installers for various remote administration tools including ScreenConnect, RemoteUtilities, Syncro, etc.
November is Critical Infrastructure Security and Resilience Month, a time when the entire nation is encouraged to take steps to reinforce these systems and be vigilant to threats that undermine collective security and economic prosperity. Both the White House and CISA have released messages recognizing this month, with the latter asking its partners to “Resolve to be Resilient!”
1620 I Street, NW, Suite 500
Washington, DC 20006
1-866-H2O-ISAC (1-866-426-4722)
© 2025 WaterISAC. All Rights Reserved.
