StarDM is not affiliated with nor a partner of CISA – This information is provided as a convenience for informational purposes only
CISA Requests for Comment on Secure Software Self-Attestation Form
CISA has issued requests for comment on the Secure Software Self-Attestation Form. CISA, in coordination with the Office of Budget and Management (OMB), released proposed guidance on secure software. This guidance seeks to secure software
CISA Releases One Industrial Control Systems Medical Advisory
CISA released one Industrial Control Systems Medical (ICS) medical advisory on April 27, 2023. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. CISA encourages users and administrators to review
MAR-10435108-1.v1 ICONICSTEALER
Notification This report is provided "as is" for informational purposes only. The Department of Homeland Security (DHS) does not provide any warranties of any kind regarding any information contained herein. The DHS does not endorse
CISA to Continue and Enhance U.K.’s Logging Made Easy Tool
CISA has announced plans to continue and enhance the Logging Made Easy (LME) tool, a service originally developed and maintained by the United Kingdom’s National Cyber Security Centre (NCSC-UK). NCSC-UK stopped supporting the open-source log
CISA Releases Malware Analysis Report on ICONICSTEALER
CISA has released a new Malware Analysis Report (MAR) on an infostealer known as ICONICSTEALER. This trojan has been identified as a variant of malware used in the supply chain attack against 3CX’s Desktop App. CISA
CISA and Partners Release Cybersecurity Best Practices for Smart Cities
Today, CISA, NSA, FBI, NCSC-UK, ACSC, CCCS and NCSC-NZ released a joint guide: Cybersecurity Best Practices for Smart Cities. Smart cities may create safer, more efficient, resilient communities through technological innovation and data-driven decision making. However, this
CISA Adds One Known Vulnerability to Catalog
CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2017-6742 Cisco IOS and IOS XE Software SNMP Remote Code Execution Vulnerability These types of vulnerabilities are frequent attack
APT28 Exploits Known Vulnerability to Carry Out Reconnaissance and Deploy Malware on Cisco Routers
APT28 accesses poorly maintained Cisco routers and deploys malware on unpatched devices using CVE-2017-6742. Overview and Context The UK National Cyber Security Centre (NCSC), the US National Security Agency (NSA), US Cybersecurity and Infrastructure Security
IRS Warns of New Tax Scams
The Internal Revenue Service (IRS) has issued a reminder urging taxpayers to be vigilant and wary of new of tax-related scams. These include phishing and other fraudulent behaviors. The IRS recommends strengthening passwords, remaining vigilant