StarDM is not affiliated with nor a partner of CISA – This information is provided as a convenience for informational purposes only
Hunting Russian Intelligence “Snake” Malware
SUMMARY The Snake implant is considered the most sophisticated cyber espionage tool designed and used by Center 16 of Russia’s Federal Security Service (FSB) for long-term intelligence collection on sensitive targets. To conduct operations using
CISA Urges Organizations to Incorporate the FCC Covered List Into Risk Management Plans
The Federal Communications Commission (FCC) maintains a Covered List of communications equipment and services that have been determined by the U.S. government to pose an unacceptable risk to the national security of the United States or
CISA Requests for Comment on Secure Software Self-Attestation Form
CISA has issued requests for comment on the Secure Software Self-Attestation Form. CISA, in coordination with the Office of Budget and Management (OMB), released proposed guidance on secure software. This guidance seeks to secure software
CISA Releases One Industrial Control Systems Medical Advisory
CISA released one Industrial Control Systems Medical (ICS) medical advisory on April 27, 2023. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. CISA encourages users and administrators to review
MAR-10435108-1.v1 ICONICSTEALER
Notification This report is provided "as is" for informational purposes only. The Department of Homeland Security (DHS) does not provide any warranties of any kind regarding any information contained herein. The DHS does not endorse
CISA to Continue and Enhance U.K.’s Logging Made Easy Tool
CISA has announced plans to continue and enhance the Logging Made Easy (LME) tool, a service originally developed and maintained by the United Kingdom’s National Cyber Security Centre (NCSC-UK). NCSC-UK stopped supporting the open-source log
CISA Releases Malware Analysis Report on ICONICSTEALER
CISA has released a new Malware Analysis Report (MAR) on an infostealer known as ICONICSTEALER. This trojan has been identified as a variant of malware used in the supply chain attack against 3CX’s Desktop App. CISA
CISA and Partners Release Cybersecurity Best Practices for Smart Cities
Today, CISA, NSA, FBI, NCSC-UK, ACSC, CCCS and NCSC-NZ released a joint guide: Cybersecurity Best Practices for Smart Cities. Smart cities may create safer, more efficient, resilient communities through technological innovation and data-driven decision making. However, this
CISA Adds One Known Vulnerability to Catalog
CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2017-6742 Cisco IOS and IOS XE Software SNMP Remote Code Execution Vulnerability These types of vulnerabilities are frequent attack