StarDM is not affiliated with nor a partner of CISA – This information is provided as a convenience for informational purposes only
Oracle Releases April 2022 Critical Patch Update
Original release date: April 19, 2022Oracle has released its Critical Patch Update for April 2022 to address 520 vulnerabilities across multiple products. A remote attacker could exploit some of these vulnerabilities to take control of
CISA Releases Secure Cloud Business Applications (SCuBA) Guidance Documents for Public Comment
Original release date: April 18, 2022 | Last revised: April 19, 2022CISA has released draft versions of two guidance documents—along with a request for comment (RFC)—that are a part of the recently launched Secure Cloud
North Korean State-Sponsored APT Targets Blockchain Companies
Original release date: April 18, 2022CISA, the Federal Bureau of Investigation (FBI), and the U.S. Treasury Department have released a joint Cybersecurity Advisory (CSA) that details cyber threats associated with cryptocurrency thefts and tactics used by
AA22-108A: TraderTraitor: North Korean State-Sponsored APT Targets Blockchain Companies
Original release date: April 18, 2022SummaryActions to take today to mitigate cyber threats to cryptocurrency: • Patch all systems. • Prioritize patching known exploited vulnerabilities. • Train users to recognize and report phishing attempts. •
VMware Releases Security Updates for Cloud Director
Original release date: April 15, 2022VMware has released security updates to address a remote code execution vulnerability in Cloud Director. An attacker could exploit this vulnerability to take control of an affected system. CISA encourages
Microsoft Releases Advisory to Address Critical Remote Code Execution Vulnerability (CVE-2022-26809)
Original release date: April 13, 2022Microsoft has released an advisory to address CVE-2022-26809, a critical remote code execution vulnerability in Remote Procedure Call Runtime Library. A remote, unauthenticated attacker could exploit this vulnerability to take control of
APT Actors Target ICS/SCADA Devices
Original release date: April 13, 2022CISA, the Department of Energy (DOE), the National Security Agency (NSA), and the Federal Bureau of Investigation (FBI) have released a joint Cybersecurity Advisory (CSA), warning that certain advanced persistent
AA22-103A: APT Cyber Tools Targeting ICS/SCADA Devices
Original release date: April 13, 2022SummaryActions to Take Today to Protect ICS/SCADA Devices: • Enforce multifactor authentication for all remote access to ICS networks and devices whenever possible. • Change all passwords to ICS/SCADA devices
CISA Adds 10 Known Exploited Vulnerabilities to Catalog
Original release date: April 13, 2022CISA has added 10 new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. These types of vulnerabilities are a frequent attack vector for malicious cyber