CISA News Tips & Alerts

Let Us Create A Free Data Management Plan For You!

Get your data connected to an IT STAR!

StarDM is not affiliated with nor a partner of CISA – This information is provided as a convenience for informational purposes only

Top CVEs Actively Exploited by People’s Republic of China State-Sponsored Cyber Actors

Original release date: October 6, 2022CISA, the Federal Bureau of Investigation (FBI), and the National Security Agency (NSA) have released a joint Cybersecurity Advisory (CSA) providing the top Common Vulnerabilities and Exposures (CVEs) used since

AA22-279A: Top CVEs Actively Exploited By People’s Republic of China State-Sponsored Cyber Actors

Original release date: October 6, 2022SummaryThis joint Cybersecurity Advisory (CSA) provides the top Common Vulnerabilities and Exposures (CVEs) used since 2020 by People’s Republic of China (PRC) state-sponsored cyber actors as assessed by the National

FBI and CISA Publish a PSA on Malicious Cyber Activity Against Election Infrastructure

Original release date: October 5, 2022The Federal Bureau of Investigation (FBI) and CISA have published a joint public service announcement that: Assesses malicious cyber activity aiming to compromise election infrastructure is unlikely to result in large-scale disruptions or

MAR-10365227-3.v1 China Chopper Webshells

AR22-277C

Impacket and Exfiltration Tool Used to Steal Sensitive Information from Defense Industrial Base Organization

Original release date: October 4, 2022CISA, the Federal Bureau of Investigation (FBI), and the National Security Agency (NSA) have released a joint Cybersecurity Advisory (CSA), Impacket and Exfiltration Tool Used to Steal Sensitive Information from

AA22-277A: Impacket and Exfiltration Tool Used to Steal Sensitive Information from Defense Industrial Base Organization

Original release date: October 4, 2022SummaryActions to Help Protect Against Russian State-Sponsored Malicious Cyber Activity: • Enforce multifactor authentication (MFA) on all user accounts. • Implement network segmentation to separate network segments based on role

MAR-10365227-1.v1 CovalentStealer

AR22-277A

MAR-10365227-2.v1 HyperBro

AR22-277B

CISA Issues Binding Operational Directive 23-01: Improving Asset Visibility and Vulnerability Detection on Federal Networks

Original release date: October 3, 2022CISA has issued Binding Operational Directive (BOD) 23-01: Improving Asset Visibility and Vulnerability Detection on Federal Networks, which seeks improve asset visibility and vulnerability enumeration across the federal enterprise. Although