StarDM is not affiliated with nor a partner of CISA – This information is provided as a convenience for informational purposes only
10410305-1.v1 JSP Webshell
AR22-314A
CISA Releases SSVC Methodology to Prioritize Vulnerabilities
Original release date: November 10, 2022Today CISA published its guide on Stakeholder-Specific Vulnerability Categorization (SSVC), a vulnerability management methodology that assesses vulnerabilities and prioritizes remediation efforts based on exploitation status, impacts to safety, and prevalence
Microsoft Releases November 2022 Security Updates
Original release date: November 9, 2022Microsoft has released updates to address multiple vulnerabilities in Microsoft software. An attacker can exploit some of these vulnerabilities to take control of an affected system. CISA encourages users and
CISA Upgrades to TLP 2.0
Original release date: November 1, 2022Today, CISA officially upgraded to Traffic Light Protocol (TLP) 2.0, which facilitates greater information sharing and collaboration. CISA made this upgrade in accordance with the recommendation from the Forum of
CISA Releases One Industrial Control Systems Advisory
Original release date: November 1, 2022CISA released one Industrial Control Systems (ICS) advisory on November 1, 2022. This advisory provides timely information about current security issues, vulnerabilities, and exploits surrounding ICS. CISA encourages users and
CISA Releases Guidance on Phishing-Resistant and Numbers Matching Multifactor Authentication
Original release date: October 31, 2022CISA has released two fact sheets to highlight threats against accounts and systems using certain forms of multifactor authentication (MFA). CISA strongly urges all organizations to implement phishing-resistant MFA to
Joint CISA FBI MS-ISAC Guide on Responding to DDoS Attacks and DDoS Guidance for Federal Agencies
Original release date: October 28, 2022CISA, the Federal Bureau of Investigation (FBI), and the Multi-State Information Sharing and Analysis Center (MS-ISAC) have released Understanding and Responding to Distributed Denial-of-Service Attacks to provide organizations proactive steps
CISA Adds Six Known Exploited Vulnerabilities to Catalog
Original release date: October 24, 2022CISA has added six vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. These types of vulnerabilities are a frequent attack vector for malicious cyber actors and