CISA adds Three Vulnerabilities to “Known Exploited Vulnerabilities”
CISA has added three new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. These types of...
Training Announcement: Talk with Texas RE to Highlight E-ISAC
On April 14, 2022, at 1:30 p.m. (Central), “Talk with Texas RE” will feature guest speaker Matthew Duncan from the Electricity Information Sharing and...
SERC Publishes April 2022 Newsletter
SERC published their April 2022 Newsletter. Entities within the SERC footprint should review the newsletter and glean any insights.
REMINDER: CIP Virtualization Suite of Standards Comment Period Extended
The 45-day formal comment period for the CIP Virtualization suite of standards (outlined below) has been extended and is now open through 8 p.m...
Citrix has released security updates to address a vulnerability in Hypervisor
Citrix has released security updates to address a vulnerability in Hypervisor. An attacker could exploit this vulnerability to cause...
Google Releases Security Updates for Chrome
Google has released Chrome version 100.0.4896.75 for Windows, Mac, and Linux. This version addresses vulnerabilities that an attacker could exploit...
The Critical Infrastructure Defense Project: Free Premium Cybersecurity Services Available to Hospitals and Utilities
Since NERC’s 2021 annual directives report filed on March 29, 2021, the Commission has issued one new directive related to Reliability Standards. In that tim...
CISA Bulletin (SB22-094) “Vulnerability Summary”
The CISA Vulnerability Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards and Technology...
REFRESHER: Facility Ratings (FAC-008) “What the Regulator Sees as The Problem”
Recent years’ audit and enforcement activities (including field verifications by the Regions and entities) have identified multiple instances...
No-Joke Borat RAT Propagates Ransomware, DDoS
Security researchers at Cyble Research Labs have discovered a new malware strain that extends the abilities of typical trojans, providing for a series of...
CISA Officially Designates April as Emergency Communications Month
The Cybersecurity and Infrastructure Security Agency (CISA) kicks off its inaugural Emergency Communications Month. Through its emergency...
SPP posts “Integrated Transmission Planning Assessment (ITP) Resource Plan – Phase 2 (Preliminary Results)”
SPP has posted the "Integrated Transmission Planning Assessment (ITP) Resource Plan - Phase 2 (Preliminary Results) 2023" workbook...
NERC Quarter 2 of 2022, Board of Trustees Committees, Member Representative Committee and Board of Trustees Meeting Information
The NERC 2nd Quarter 2022 Board of Trustees Committees, Member Representatives Committee, and Board of Trustees meetings will be held...
WECC Announced The “Western Renewable Energy Generation Information System (WREGIS)” is transitioning to M-RETS
In the third quarter of 2022, WREGIS will transition to M-RETS, a new platform with improved user interface and functionality upgrades, including...
NIST Seeks Input on International Aspects of the Cybersecurity Framework, Other Resources
Addressing global needs is a critical part of NIST’s work in the evolution of the Cybersecurity Framework, especially as we continue to see international...
FERC Submits FY 2023 Congressional Justification
FERC’s Congressional Justification consolidates the Annual Performance Plan and Annual Performance Report with the Performance Budget Request for...
REMINDER: Talk with Texas RE scheduled to provide E-ISAC Update
Talk With Texas RE to discuss and provide E-ISAC Update. The Webex will be conducted Thursday April 14, 2022, between 1:30 and 2:30 p.m. (Central)...
CISA has added four new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation
These types of vulnerabilities are a frequent attack vector for malicious cyber actors and pose significant risk to the federal enterprise. Note: to view the...
MS-ISAC CYBERSECURITY ADVISORY: Vulnerabilities in Google Android OS Could Allow for Remote Code Execution
Multiple vulnerabilities have been discovered in the Google Android operating system (OS), the most severe of which could allow for remote code execution...
MS-ISAC Cybersecurity Advisory Number 2022-045: “Multiple Vulnerabilities Vulnerability in Apple Products Could Allow for Local Code Execution”
Multiple vulnerabilities have been discovered in Apple products, the most severe of which could allow for local code execution. Successful exploitation...
CISA: Spring Releases Security Updates Addressing “Spring4Shell” and Spring Cloud Function Vulnerabilities
Spring by VMWare has released Spring Cloud Function versions 3.1.7 and 3.2.3 to address remote code execution (RCE) vulnerability CVE-2022-22963...