[German]In a joint Cybersecurity Advisory (CSA), the U.S. National Security Agency (NSA), Cybersecurity and Infrastructure Security Agency (CISA), and Federal Bureau of Investigation (FBI) released a list of key vulnerabilities (CVEs) exploited by state-sponsored cyber actors in the People's Republic of China (PRC) since 2020.
Advertising
According to this Cybersecurity Advisory (PDF), PRC state-sponsored cyber actors continue to exploit vulnerabilities already known – and actually closed through security updates – to actively access U.S. and allied networks and software and hardware companies. The goal is to steal intellectual property and gain access to sensitive networks.
Catalin Cimpanu listed these top 20 exploited vulnerabilities in the above tweet. All the CVEs mentioned in the recommendation are publicly known. The main recommended remediation is to fix these and other known vulnerabilities through updates. The published PDF report highlights how PRC cyber actors continue to exploit these vulnerabilities to gain unauthorized access to sensitive networks, establish themselves, and laterally (laterally) access other internally connected networks.
Actors are targeting government and critical infrastructure networks with an increasing number of new and adaptable techniques, according to the report. Some of these techniques pose significant risk to information technology sector organizations (including telecommunications providers), defense industrial base (DIB) organizations, and other critical infrastructure organizations.
This joint Cybersecurity Advisory (CSA) draws on previous reports by NSA, CISA, and the FBI to provide U.S. federal and state, local, tribal, and territorial governments (SLTT), critical infrastructure (including defense industrial sector), and private sector organizations on notable trends and persistent tactics, techniques, and procedures (TTPs).
Advertising
Advertising
