Original release date: October 20, 2020
The National Security Agency (NSA) has released a cybersecurity advisory on Chinese state-sponsored malicious cyber activity. This advisory provides 25 Common Vulnerabilities and Exposures (CVEs) known to be recently leveraged, or scanned-for, by Chinese state-sponsored cyber actors to enable successful hacking operations against a multitude of victim networks.
The Cybersecurity and Infrastructure Security Agency (CISA) encourages critical system administrators to prioritize the immediate patching of the CVEs in NSA’s advisory and to review CISA’s Alert Potential for China Cyber Response to Heightened U.S.–China Tensions, which details potential cyber response to heightened tensions between the United States and China and provides specific tactics, techniques, and procedures (TTPs) and recommended mitigations to the cybersecurity community to assist in the protection of our Nation’s critical infrastructure.
Review the CISA’s Chinese Malicious Cyber Activity page for more information on Chinese malicious cyber activity.
This product is provided subject to this Notification and this Privacy & Use policy.
Systems Affected MIT Kerberos 5 versions prior to krb5-1.3.5 Applications that use versions of MIT…
Systems Affected Applications that process JPEG images on Microsoft Windows, including but not limited to…
Systems Affected This vulnerability affects the following Microsoft Windows operating systems by default: Microsoft Windows…
CISA, in partnership with Federal Bureau of Investigation, the National Security Agency, Department of Energy,…
CISA has added two new vulnerabilities to its Known Exploited Vulnerabilities (KEV) Catalog, based on evidence…
CISA has added two new vulnerabilities to its Known Exploited Vulnerabilities (KEV) Catalog, based on evidence…
This website uses cookies.