StarDM is not affiliated with nor a partner of CISA – This information is provided as a convenience for informational purposes only
Threat Actors Exploiting F5 BIG IP CVE-2022-1388
Original release date: May 18, 2022CISA and the Multi-State Information Sharing and Analysis Center (MS-ISAC) have released the joint Cybersecurity Advisory Threat Actors Exploiting F5 BIG-IP CVE-2022-1388 in response to active exploitation of CVE-2022-1388, which affects
AA22-138A: Threat Actors Exploiting F5 BIG-IP CVE-2022-1388
Original release date: May 18, 2022SummaryActions for administrators to take today: • Do not expose management interfaces to the internet. • Enforce multi-factor authentication. • Consider using CISA’s Cyber Hygiene Services. The Cybersecurity and Infrastructure
AA22-137A: Weak Security Controls and Practices Routinely Exploited for Initial Access
Original release date: May 17, 2022SummaryBest Practices to Protect Your Systems: • Control access. • Harden Credentials. • Establish centralized log management. • Use antivirus solutions. • Employ detection tools. • Operate services exposed on
CISA Temporarily Removes CVE-2022-26925 from Known Exploited Vulnerability Catalog
Original release date: May 13, 2022CISA is temporarily removing CVE-2022-26925 from its Known Exploited Vulnerability Catalog due to a risk of authentication failures when the May 10, 2022 Microsoft rollup update is applied to domain controllers.
AA22-131A: Protecting Against Cyber Threats to Managed Service Providers and their Customers
Original release date: May 11, 2022SummaryTactical actions for MSPs and their customers to take today: • Identify and disable accounts that are no longer in use. • Enforce MFA on MSP accounts that access the
U.S. Government Attributes Cyberattacks on SATCOM Networks to Russian State-Sponsored Malicious Cyber Actors
Original release date: May 10, 2022CISA and the Federal Bureau of Investigation (FBI) have updated the joint cybersecurity advisory, Strengthening Cybersecurity of SATCOM Network Providers and Customers, originally released March 17, 2022, with U.S. government
Microsoft Releases Security Advisory for Azure Data Factory and Azure Synapse Pipelines
Original release date: May 9, 2022 | Last revised: May 10, 2022Microsoft has released a security advisory to address a remote code execution vulnerability affecting Azure Data Factory and Azure Synapse Pipelines. A remote attacker
Cisco Releases Security Updates for Enterprise NFV Infrastructure Software
Original release date: May 5, 2022Cisco has released security updates to address multiple vulnerabilities in Enterprise NFV Infrastructure Software. An attacker could exploit these vulnerabilities to take control of an affected system. CISA encourages
F5 Releases Security Advisories Addressing Multiple Vulnerabilities
Original release date: May 4, 2022F5 has released security advisories on vulnerabilities affecting multiple products, including various versions of BIG-IP. Included in the release is an advisory for CVE-2022-1388, which allows undisclosed requests to bypass