On August 31, 2023, WaterISAC shared the JCSA about the coordinated law enforcement disruption of the Qakbot botnet infrastructure and how organizations could utilize known behaviors to detect and protect against Qakbot activity.
In a recent report from Menlo Security, it was discovered that “Indeed,” a widely recognized global job search platform headquartered in the U.S., boasting over 350 million monthly visitors and a global workforce of more than 14,000 employees, has become the focus of a significant phishing campaign. This campaign underscores the pervasive threat of abusing trust and how actors exploit credible and popular platforms.
According to a recent report from Malwarebytes, ransomware attacks don't typically originate as a fresh problem for organizations; instead, they are largely the grim culmination of unresolved network compromises and inefficient security controls. According to the report, threat actors gain initial access through stolen login credentials, deployed malware, or established backdoors. The report notes that the majority of reinfections stem from the failure to address underlying vulnerabilities that led to the initial breach and improper remediations.
The Cybersecurity and Infrastructure Security Agency (CISA) has published the following ICS vulnerability advisories, as well as alerts, updates, and bulletins:
ICS Vulnerability Advisories:
CISA Releases Three Industrial Control Systems Advisories
Products are used across multiple sectors, please check these latest advisories for specific equipment used across your ICS environments and address accordingly.
CISA and the National Security Agency (NSA) have published Identity and Access Management: Developer and Vendor Challenges, authored by the Enduring Security Framework (ESF), a CISA- and NSA-led working panel that includes a public-private cross-sector partnership.
The following posts are useful for general awareness of current threats, vulnerabilities, guidance, and other cyber-related news or updates. These resources have been curated by the WaterISAC analyst team as items of broad relevance and benefit that do not need supplemental analysis at this time.
ICS/OT/SCADA Vulnerabilities & Threats
WaterISAC is once again a Champion of Cybersecurity Awareness Month. This October marks the 20th anniversary of this critical initiative.
In a report by Egress, researchers found that human-generated phishing campaigns are getting harder to detect, with a 24.4% increase in obfuscation techniques integrated into over half (55%) of phishing emails in 2023. These techniques have also grown in sophistication, with almost half (47%) of phishing threat actors deploying two obfuscation layers, while less than one-third (31%) use only one technique.
In a recent report from Forbes, the nation's cybersecurity was in a tight spot when Congress passed a bill to keep the government running for the next 45 days. A government shutdown could have caused problems for many government functions, including those responsible for protecting the country from cyberattacks. Depending on how long the shutdown lasted, it could have led to a crisis for companies and organizations across the country.
The Cybersecurity and Infrastructure Security Agency (CISA) has published the following ICS vulnerability advisories, as well as alerts, updates, and bulletins:
ICS Vulnerability Advisories:
Products are used across multiple sectors, please check these latest advisories for specific equipment used across your ICS environments and address accordingly.
Alerts, Updates, and Bulletins:
1620 I Street, NW, Suite 500
Washington, DC 20006
1-866-H2O-ISAC (1-866-426-4722)
© 2025 WaterISAC. All Rights Reserved.
