StarDM is not affiliated with nor a partner of CISA – This information is provided as a convenience for informational purposes only
Updated: Kubernetes Hardening Guide
Original release date: March 15, 2022The National Security Agency (NSA) and CISA have updated their joint Cybersecurity Technical Report (CTR): Kubernetes Hardening Guide, originally released in August 2021, based on valuable feedback and inputs from
Dirty Pipe Privilege Escalation Vulnerability in Linux
Original release date: March 10, 2022CISA is aware of a privilege escalation vulnerability in Linux kernel versions 5.8 and later known as “Dirty Pipe” (CVE-2022-0847). A local attacker could exploit this vulnerability to take control
Updated: Conti Ransomware
Original release date: March 9, 2022CISA, the Federal Bureau of Investigation (FBI), the National Security Agency (NSA), and the United States Secret Service (USSS) have re-released an advisory on Conti ransomware. Conti cyber threat actors
CISA Releases Security Advisory on PTC Axeda Agent and Desktop Server
Original release date: March 8, 2022CISA has released an Industrial Controls Systems Advisory (ICSA), detailing vulnerabilities in PTC Axeda agent and Axeda Desktop Server. Successful exploitation of these vulnerabilities—collectively known as “Access:7”—could result in full
FBI Releases Indicators of Compromise for RagnarLocker Ransomware
Original release date: March 8, 2022The Federal Bureau of Investigation (FBI) has released a Flash report detailing indicators of compromise (IOCs) associated with ransomware attacks by RagnarLocker, a group of a ransomware actors targeting critical infrastructure sectors.
CISA’s Zero Trust Guidance for Enterprise Mobility Available for Public Comment
Original release date: March 7, 2022CISA has released a draft version of Applying Zero Trust Principles to Enterprise Mobility for public comment. The paper guides federal agencies as they evolve and operationalize cybersecurity programs and capabilities,
CISA Adds 11 Known Exploited Vulnerabilities to Catalog
Original release date: March 7, 2022CISA has added 11 new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence that threat actors are actively exploiting the vulnerabilities listed in the table below. These types
NSA Releases Network Infrastructure Security Guidance
Original release date: March 3, 2022The National Security Agency (NSA) has released a new Cybersecurity Technical Report (CTR): Network Infrastructure Security Guidance. The report captures best practices based on the depth and breadth of experience
CISA Adds 95 Known Exploited Vulnerabilities to Catalog
Original release date: March 3, 2022CISA has added 95 new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. These types of vulnerabilities are a frequent attack vector for malicious cyber