E Point Perfect – Interesting and beneficial content
Law \ Legal

CISA Lists Top CVEs Exploited by Chinese State-Sponsored Cyber Actors


The Cybersecurity & Infrastructure Security Agency (CISA) recently issued an Alert outlining the top Common Vulnerabilities and Exposures (CVEs) that have been used by the People’s Republic of China (PRC) state-sponsored cyber actors since 2020.

According to the Alert, these threat actors “continue to exploit known vulnerabilities to actively target U.S. and allied networks as well as software and hardware companies to steal intellectual property and develop access into sensitive networks.” CISA, the National Security Agency (NSA), and the FBI “assess PRC state-sponsored cyber activities as being one of the largest and most dynamic threats to U.S. government and civilian networks.”

The NSA, CISA, and the FBI “urge U.S. and allied governments, critical infrastructure, and private sector organizations to apply the recommendations listed in the Mitigations section and Appendix A to increase their defensive posture and reduce the threat of compromise from PRC state-sponsored malicious cyber actors.”

The Alert lists the top CVEs most used by Chinese state-sponsored cyber actors and provides mitigation tips to apply to reduce the risk of attack, including patching, multi-factor authentication, password and protocol management, upgrading or replacing devices at the end of their useful lives, moving toward a Zero Trust security posture, and enabling robust logging.

PRC attackers are believed to be behind some of the biggest data breaches the U.S. has seen. They continue to be a major threat to businesses in the U.S. Staying abreast of Alerts from CISA is helpful in minimizing risk and preventing becoming a victim of a state-sponsored cyber-attack.


Source link

Related posts

Shana Tova!

The European Parliament Calls for a Long-Term European Video Game and Esports Strategy

China Issues Security Assessment Measures of Data Cross-border Transfer

Don’t Have a Do-Not-Call Policy? Every SMS You Send Could Violate the TCPA and Come With A Private Right of Action

CDC Announces New COVID-19 Test Requirement for Travelers Coming from China: How Policies Abroad Impact Travel to the United States

FDA Issues Final Guidance on Refusal of Inspection by a Foreign Food Establishment or Foreign Government