Today, CISA—in partnership with the National Security Agency (NSA), the Federal Bureau of Investigation (FBI), and international partners—released joint guidance, Enhanced Visibility and Hardening Guidance for Communications Infrastructure. Partners of this guidance include:
This guidance was crafted in response to a People’s Republic of China (PRC)-affiliated threat actor’s compromise of “networks of major global telecommunications providers to conduct a broad and significant cyber espionage campaign.” The compromise of private communications impacted a limited number of individuals who are primarily involved in government or political activity.
CISA and partners encourage network defenders and engineers of communications infrastructure, and other critical infrastructure organizations with on-premises enterprise equipment, to review and apply the provided best practices, including patching vulnerable devices and services, to reduce opportunities for intrusion. For more information on PRC state-sponsored threat actor activity, see CISA’s People’s Republic of China Cyber Threat. For more information on secure by design principles, see CISA’s Secure by Design webpage. Customers should refer to CISA’s Secure by Demand guidance for additional product security considerations.
The Cybersecurity and Infrastructure Security Agency (CISA), through the Joint Cyber Defense Collaborative (JCDC), enabled…
Adobe released security updates to address multiple vulnerabilities in Adobe software. A cyber threat actor…
Microsoft released security updates to address vulnerabilities in multiple products. A cyber threat actor could…
Apple released security updates to address vulnerabilities in multiple Apple products. A cyber threat actor…
The Cybersecurity and Infrastructure Security Agency (CISA), in collaboration with the Homeland Security Systems Engineering…
CISA has added two new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of…
This website uses cookies.