StarDM is neither affiliated with nor a partner of CISA. This information is provided as a convenience for informational purposes only.
MAR-10454006-r2.v1 SEASPY Backdoor
Notification: This report is provided "as is" for informational purposes only. The Department of Homeland Security (DHS) does not provide any warranties of any kind regarding any information contained herein. The DHS does not
CISA Releases Malware Analysis Reports on Barracuda Backdoors
CISA has published three malware analysis reports on malware variants associated with exploitation of CVE-2023-2868. CVE-2023-2868 is a remote command injection vulnerability affecting Barracuda Email Security Gateway (ESG) Appliance, versions 5.1.3.001-9.2.0.006. It was exploited as
Ivanti Releases Security Updates for EPMM to address CVE-2023-35081
Ivanti has identified and released patches for a directory traversal vulnerability (CVE-2023-35081, CWE-22) in Ivanti Endpoint Manager Mobile (EPMM). This vulnerability allows an attacker with EPMM administrator privileges to write arbitrary files with the operating
Preventing Web Application Access Control Abuse
SUMMARY: The Australian Signals Directorate’s Australian Cyber Security Centre (ACSC), U.S. Cybersecurity and Infrastructure Security Agency (CISA), and U.S. National Security Agency (NSA) are releasing this joint Cybersecurity Advisory to warn vendors, designers, and developers
CISA Releases Analysis of FY22 Risk and Vulnerability Assessments
CISA has released an analysis and infographic detailing the findings from the 121 Risk and Vulnerability Assessments (RVAs) conducted across multiple critical infrastructure sectors in fiscal year 2022 (FY22). The analysis details a sample attack
Ivanti Releases Security Updates for Endpoint Manager Mobile (EPMM) CVE-2023-35078
A vulnerability discovered in Ivanti Endpoint Manager Mobile (EPMM, previously branded MobileIron Core) allows unauthenticated access to specific API paths. An attacker with access to these API paths can access personally identifiable information (PII) such
Atlassian Releases Security Updates
Atlassian has released its Security Bulletin for July 2023 to address vulnerabilities in Confluence Data Center & Server (CVE-2023-22505 and CVE-2023-22508) and Bamboo Data Center (CVE-2023-22506). An attacker can exploit these vulnerabilities to take control of an
Threat Actors Exploiting Citrix CVE-2023-3519 to Implant Webshells
SUMMARY: The Cybersecurity and Infrastructure Security Agency (CISA) is releasing this Cybersecurity Advisory to warn network defenders about exploitation of CVE-2023-3519, an unauthenticated remote code execution (RCE) vulnerability affecting NetScaler (formerly Citrix) Application Delivery Controller
Citrix Releases Security Updates for NetScaler ADC and Gateway
Citrix has released security updates to address vulnerabilities (CVE-2023-3519, CVE-2023-3466, and CVE-2023-3467) affecting NetScaler ADC and NetScaler Gateway. An attacker can exploit one of these vulnerabilities to take control of an affected system. According to