StarDM is not affiliated with nor a partner of CISA – This information is provided as a convenience for informational purposes only
Drupal Releases Security Update
Original release date: September 30, 2022Drupal has released a security update to address a vulnerability affecting multiple versions of Drupal. An attacker could exploit this vulnerability to access sensitive information. For advisories addressing lower severity
Microsoft Releases Guidance on Zero-Day Vulnerabilities in Microsoft Exchange Server
Original release date: September 30, 2022Microsoft has released Customer Guidance for Reported Zero-day Vulnerabilities in Microsoft Exchange Server. According to the blog post, “Microsoft is aware of limited targeted attacks using the two vulnerabilities to
VMWare Releases Guidance for VirtualPITA, VirtualPIE, and VirtualGATE Malware Targeting vSphere
Original release date: September 29, 2022VMWare has released Protecting vSphere From Specialized Malware, addressing malware artifacts known as VirtualPITA (ESXi & Linux), VirtualPIE (ESXi), and VirtualGATE (Windows), which are used to exploit and gain persistent
CISA Releases Six Industrial Control Systems Advisories
Original release date: September 29, 2022CISA has released six (6) Industrial Control Systems (ICS) advisories on September 29, 2022. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. CISA encourages
CISA Publishes User Guide to Prepare for Nov. 1 Move to TLP 2.0
Original release date: September 29, 2022CISA has published its Traffic Light Protocol 2.0 User Guide and Traffic Light Protocol: Moving to Version 2.0 fact sheet in preparation for its November 1, 2022 move from Traffic Light
MAR-10400779-2.v1 – Zimbra 2
AR22-270B
MAR-10401765-1.v1 – Zimbra 3
AR22-270C
MAR-10400779-1.v1 – Zimbra 1
AR22-270A
CISA Has Added One Known Exploited Vulnerability to Catalog
Original release date: September 22, 2022CISA has added one new vulnerability to it's Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. These types of vulnerabilities are a frequent attack vector for malicious cyber actors