StarDM is not affiliated with nor a partner of CISA – This information is provided as a convenience for informational purposes only
Guidance: Framing Software Component Transparency: Establishing a Common Software Bill of Materials (SBOM)
Today, CISA published the Framing Software Component Transparency, created by the Software Bill of Materials (SBOM) Tooling & Implementation Working Group, one of the five SBOM community-driven workstreams facilitated by CISA. CISA’s community-driven working groups publish documents
Microsoft Releases October 2024 Security Updates
Microsoft released security updates to address vulnerabilities in multiple products. A cyber threat actor could exploit some of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review the
Avoid Scams After Disaster Strikes
As hurricanes and other natural disasters occur, CISA urges individuals to remain on alert for potential malicious cyber activity. Fraudulent emails and social media messages—often containing malicious links or attachments—are common after major natural disasters.
ASD’s ACSC, CISA, FBI, NSA, and International Partners Release Guidance on Principles of OT Cybersecurity for Critical Infrastructure Organizations
Today, the Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC)—in partnership with CISA, U.S. government and international partners—released the guide Principles of Operational Technology Cybersecurity. This guidance provides critical information on how to create
CISA’s VDP Platform 2023 Annual Report Showcases Success
Today, the Cybersecurity and Infrastructure Security Agency (CISA) released its Vulnerability Disclosure Policy (VDP) Platform 2023 Annual Report, highlighting the service’s remarkable success in 2023, its second full year of operation. Throughout 2023, CISA focused on
ASD’s ACSC, CISA, and US and International Partners Release Guidance on Detecting and Mitigating Active Directory Compromises
Today, the Australian Signals Directorate Australian Cyber Security Centre (ASD ACSC), the Cybersecurity and Infrastructure Security Agency (CISA), and other U.S. and international partners released the joint guide Detecting and Mitigating Active Directory Compromises. This
CISA Warns of Hurricane-Related Scams
As Hurricane Helene approaches, CISA urges users to remain on alert for potential malicious cyber activity. Fraudulent emails and social media messages—often containing malicious links or attachments—are common after major natural disasters. Exercise caution in
Versa Networks Releases Advisory for a Vulnerability in Versa Director, CVE-2024-45229
Versa Networks has released an advisory for a vulnerability (CVE-2024-45229) affecting Versa Director. A cyber threat actor could exploit this vulnerability to exercise unauthorized REST APIs. CISA urges organizations to apply necessary updates, hunt for
VMware Releases Security Advisory for VMware Cloud Foundation and vCenter Server
VMware released a security advisory addressing vulnerabilities in the VMware Cloud Foundation and the vCenter Server. A cyber threat actor could exploit one of these vulnerabilities to take control of an affected system. CISA encourages