StarDM is not affiliated with nor a partner of CISA – This information is provided as a convenience for informational purposes only
Barracuda Networks Releases Update to Address ESG Vulnerability
Barracuda Networks has released an update to their advisory addressing a vulnerability—CVE-2023-2868—in their Email Security Gateway Appliance (ESG). According to Barracuda, customers should replace impacted appliances immediately. CISA urges organizations to review the Barracuda advisory
CISA, FBI, and MS-ISAC Update Joint CSA on Progress Telerik Vulnerabilities
Today, CISA, the Federal Bureau of Investigation (FBI), and Multi-State Information Sharing and Analysis Center (MS-ISAC) released an update for joint Cybersecurity Advisory (CSA) Threat Actors Exploit Progress Telerik Vulnerability in U.S. Government IIS Server.
MAR-10443863-1.v1 CVE-2017-9248 Exploitation in U.S. Government IIS Server
Summary Description CISA received three files for analysis. The files included three webshells written in PHP: Hypertext Preprocessor (PHP), Active Server Pages Extended (ASPX), and .NET Dynamic-Link Library (DLL). The sample “sd.php” is highly
Understanding Ransomware Threat Actors: LockBit
SUMMARY In 2022, LockBit was the most deployed ransomware variant across the world and continues to be prolific in 2023. Since January 2020, affiliates using LockBit have attacked organizations of varying sizes across an array
CISA Issues BOD 23-02: Mitigating the Risk from Internet-Exposed Management Interfaces
Today, CISA issued Binding Operational Directive (BOD) 23-02: Mitigating the Risk from Internet-Exposed Management Interfaces, requiring Federal Civilian Executive Branch (FCEB) agencies to reduce risks posed by internet-exposed networked management interfaces on federal information systems.
CISA and Partners Release Joint Advisory on Understanding Ransomware Threat Actors: LockBit
Today, CISA, the Federal Bureau of Investigation (FBI), the Multi-State Information Sharing and Analysis Center (MS-ISAC), and international partners released Understanding Ransomware Threat Actors: LockBit, a joint Cybersecurity Advisory (CSA) to help organizations understand and
Fortinet Releases Security Updates for FortiOS and FortiProxy
Fortinet has released security updates to address a heap-based buffer overflow vulnerability CVE-2023-27997 in FortiOS and FortiProxy. An attacker could exploit this vulnerability to take control of an affected system. CISA encourages users and administrators
CISA and FBI Release #StopRansomware: CL0P Ransomware Gang Exploits MOVEit Vulnerability
CISA and FBI released a joint Cybersecurity Advisory (CSA) CL0P Ransomware Gang Exploits MOVEit Vulnerability in response to a recent vulnerability exploitation attributed to CL0P Ransomware Gang. This [joint guide] provides indicators of compromise (IOCs) and tactics, techniques,
Mozilla Releases Security Updates for Multiple Products
Mozilla has released security updates to address vulnerabilities for Firefox 114 and Firefox ESR 102.12. An attacker could exploit these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review