StarDM is not affiliated with nor a partner of CISA – This information is provided as a convenience for informational purposes only
CISA Adds One Known Exploited Vulnerability (CVE-2022-26134) to Catalog
Original release date: June 2, 2022CISA has added one new vulnerability—CVE-2022-26134—to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. These types of vulnerabilities are a frequent attack vector for malicious cyber actors and
CISA Updates Advisory on Threat Actors Chaining Unpatched VMware Vulnerabilities
Original release date: June 2, 2022CISA has updated Cybersecurity Advisory AA22-138B: Threat Actors Chaining Unpatched VMware Vulnerabilities for Full System Control, originally released May 18, 2022. The advisory has been updated to include additional indicators
AA22-152A: Karakurt Data Extortion Group
Original release date: June 1, 2022SummaryActions to take today to mitigate cyber threats from ransomware: • Prioritize patching known exploited vulnerabilities. • Train users to recognize and report phishing attempts. • Enforce multifactor authentication. The
Microsoft Releases Workaround Guidance for MSDT “Follina” Vulnerability
Original release date: May 31, 2022Microsoft has released workaround guidance to address a remote code execution (RCE) vulnerability—CVE-2022-30190, known as "Follina"—affecting the Microsoft Support Diagnostic Tool (MSDT) in Windows. A remote, unauthenticated attacker could exploit
CISA Adds 20 Known Exploited Vulnerabilities to Catalog
Original release date: May 24, 2022CISA has added 20 new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. These types of vulnerabilities are a frequent attack vector for malicious cyber actors
Mozilla Releases Security Products for Multiple Firefox Products
Original release date: May 23, 2022Mozilla has released security updates to address vulnerabilities in Firefox 100.0.2, Firefox for Android 100.3.0, and Firefox ESR 91.9.1. An attacker could exploit these vulnerabilities to take control of an affected
CISA Adds 21 Known Exploited Vulnerabilities to Catalog
Original release date: May 23, 2022CISA has added 21 new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. These types of vulnerabilities are a frequent attack vector for malicious cyber
CISA Issues Emergency Directive and Releases Advisory Related to VMware Vulnerabilities
Original release date: May 18, 2022CISA has issued Emergency Directive (ED) 22-03 and released a Cybersecurity Advisory (CSA) in response to active and expected exploitation of multiple vulnerabilities in the following VMware products: VMware Workspace ONE Access
AA22-138B: Threat Actors Chaining Unpatched VMware Vulnerabilities for Full System Control
Original release date: May 18, 2022SummaryThe Cybersecurity and Infrastructure Security Agency (CISA) is releasing this Cybersecurity Advisory (CSA) to warn organizations that malicious cyber actors, likely advanced persistent threat (APT) actors, are exploiting CVE-2022-22954 and