The National Security Agency, Cybersecurity and Infrastructure Security Agency, and Federal Bureau of Investigation issued a joint cybersecurity advisory on cyberattacks from China. The advisory describes the ways in which state-sponsored cyber actors continue to exploit publicly known vulnerabilities in order to establish a broad network of compromised infrastructure.
These actors use the network to exploit a wide variety of targets worldwide, including public and private sector organizations.
The advisory details the targeting and compromise of major telecommunications companies and network service providers and the top vulnerabilities—primarily Common Vulnerabilities and Exposures (CVEs)—associated with network devices routinely exploited by the cyber actors since 2020.
continue reading »