StarDM is not affiliated with nor a partner of CISA – This information is provided as a convenience for informational purposes only
CISA Adds Five Known Vulnerabilities to Catalog
CISA has added five new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation: CVE-2023-21608 Adobe Acrobat and Reader Use-After-Free Vulnerability CVE-2023-20109 Cisco IOS and IOS XE Group Encrypted Transport VPN Out-of-Bounds Write Vulnerability
Apple Releases Security Updates for iOS and iPadOS
Apple has released security updates to address vulnerabilities in iOS and iPadOS. A cyber threat actor could exploit these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review the
NSA and CISA Red and Blue Teams Share Top Ten Cybersecurity Misconfigurations
A plea for network defenders and software manufacturers to fix common problems. EXECUTIVE SUMMARY The National Security Agency (NSA) and Cybersecurity and Infrastructure Security Agency (CISA) are releasing this joint cybersecurity advisory (CSA) to highlight
CISA and NSA Release New Guidance on Identity and Access Management
Today, CISA and the National Security Agency (NSA) published Identity and Access Management: Developer and Vendor Challenges, authored by the Enduring Security Framework (ESF), a CISA- and NSA-led working panel that includes a public-private cross-sector
CISA Adds Two Known Exploited Vulnerabilities to Catalog, Removes Five KEVs
CISA has added two new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation: CVE-2023-42793 Arm Mali GPU Kernel Driver Use-After-Free Vulnerability CVE-2023-28229 Microsoft Windows CNG Key Isolation Service Privilege Escalation Vulnerability These
Mozilla Releases Security Advisories for Thunderbird and Firefox
Mozilla has released security updates to address vulnerabilities for Thunderbird 115.3, Firefox ESR 115.3, and Firefox 118. A cyber threat actor could exploit these vulnerabilities to take control of an affected system. CISA encourages users
NSA, FBI, CISA, and Japanese Partners Release Advisory on PRC-Linked Cyber Actors
Today, the U.S. National Security Agency (NSA), Federal Bureau of Investigation (FBI), and Cybersecurity and Infrastructure Security Agency (CISA), along with the Japan National Police Agency (NPA) and the Japan National Center of Incident Readiness
People’s Republic of China-Linked Cyber Actors Hide in Router Firmware
Executive Summary The United States National Security Agency (NSA), the U.S. Federal Bureau of Investigation (FBI), the U.S. Cybersecurity and Infrastructure Security Agency (CISA), the Japan National Police Agency (NPA), and the Japan National Center
FBI and CISA Release Advisory on Snatch Ransomware
Today, the Federal Bureau of Investigation (FBI) and the Cybersecurity and Infrastructure Security Agency (CISA) released joint Cybersecurity Advisory (CSA) #StopRansomware: Snatch Ransomware, which provides indicators of compromise (IOCs) and tactics, techniques, and procedures (TTPs) associated