
image credit: unsplash
Chinese state-sponsored threat actors are exploiting known vulnerabilities to target public and private companies in the United States, the U.S. Cybersecurity and Infrastructure Security Agency says.
A related joint advisory from CISA, the FBI and the National Security Agency discusses how cyberattackers have been compromising “major telecommunications companies and network service providers” since 2020. It describes their tactics, techniques and procedures; lists the top vulnerabilities, especially CVEs, in network devices that are regularly exploited; and offers recommended mitigations.