Today, CISA—in partnership with the National Security Agency (NSA), the Federal Bureau of Investigation (FBI), and international partners—released joint guidance, Enhanced Visibility and Hardening Guidance for Communications Infrastructure. Partners of this guidance include:
This guidance was crafted in response to a People’s Republic of China (PRC)-affiliated threat actor’s compromise of “networks of major global telecommunications providers to conduct a broad and significant cyber espionage campaign.” The compromise of private communications impacted a limited number of individuals who are primarily involved in government or political activity.
CISA and partners encourage network defenders and engineers of communications infrastructure, and other critical infrastructure organizations with on-premises enterprise equipment, to review and apply the provided best practices, including patching vulnerable devices and services, to reduce opportunities for intrusion. For more information on PRC state-sponsored threat actor activity, see CISA’s People’s Republic of China Cyber Threat. For more information on secure by design principles, see CISA’s Secure by Design webpage. Customers should refer to CISA’s Secure by Demand guidance for additional product security considerations.
Today, CISA released the Eviction Strategies Tool to provide cyber defenders with critical support and…
CISA released Microsegmentation in Zero Trust, Part One: Introduction and Planning as part of its…
CISA has added three new vulnerabilities to its Known Exploited Vulnerabilities (KEV) Catalog, based on evidence…
Update (07/24/2025): CISA continues to update reporting on this ongoing activity, as threat actor tactics,…
CISA has added two new vulnerabilities to its Known Exploited Vulnerabilities (KEV) Catalog, based on evidence…
CISA released nine Industrial Control Systems (ICS) advisories on July 22, 2025. These advisories provide…
This website uses cookies.