🟡 CVE-2025-4021: A vulnerability was found in c... 🟡 CVE-2025-4020: A vulnerability was found in P... 🟡 CVE-2025-32472: The multiScan and picoScan are... 🟡 CVE-2025-4019: A vulnerability, which was cla... 🟡 CVE-2025-4018: A vulnerability, which was cla... 🟡 CVE-2025-4017: A vulnerability classified as ... 🟡 CVE-2025-4016: A vulnerability classified as ... 🟡 CVE-2025-4015: A vulnerability was found in 2... 🟡 CVE-2025-4014: A vulnerability was found in P... 🔥 CVE-2025-3200: An unauthenticated remote atta... 🟡 CVE-2025-4013: A vulnerability was found in P... 🟡 CVE-2025-4012: A vulnerability was found in p... 🟡 CVE-2025-4011: A vulnerability has been found... ⚠️ CVE-2025-42598: Multiple SEIKO EPSON printer d... 🟡 CVE-2025-39367: Missing Authorization vulnerab... 🟢 CVE-2025-32471: The device’s passwords have no... ⚠️ CVE-2025-32470: A remote unauthenticated attac... ⚠️ CVE-2025-4007: A vulnerability classified as ... ⚠️ CVE-2025-22235: EndpointRequest.to() creates a... 🟡 CVE-2025-4006: A vulnerability classified as ... 🟡 CVE-2025-4005: A vulnerability was found in P... 🟡 CVE-2025-4004: A vulnerability was found in P... 🟡 CVE-2025-4003: A vulnerability was found in R... 🟡 CVE-2025-4002: A vulnerability was found in R... 🟡 CVE-2025-4001: A vulnerability has been found... 🟡 CVE-2025-4000: A vulnerability, which was cla... 🟡 CVE-2025-3999: A vulnerability, which was cla... 🟡 CVE-2025-3998: A vulnerability classified as ... 🟡 CVE-2025-3997: A vulnerability classified as ... 🟡 CVE-2025-3996: A vulnerability was found in T... 🟡 CVE-2025-3706: The eHRMS from 104 Corporation... 🟡 CVE-2025-3995: A vulnerability was found in T... 🟡 CVE-2025-3994: A vulnerability was found in T... ⚠️ CVE-2025-3993: A vulnerability was found in T... ⚠️ CVE-2025-3992: A vulnerability has been found... ⚠️ CVE-2025-3991: A vulnerability, which was cla... 🟡 CVE-2025-31144: Quick Agent V3 and Quick Agent... ⚠️ CVE-2025-27937: Quick Agent V3 and Quick Agent... 🔥 CVE-2025-26692: Quick Agent V3 and Quick Agent... ⚠️ CVE-2025-3990: A vulnerability, which was cla... ⚠️ CVE-2025-3989: A vulnerability classified as ... 🟡 CVE-2025-46690: Ververica Platform 2.14.0 allo... 🟡 CVE-2025-46689: Ververica Platform 2.14.0 cont... ⚠️ CVE-2025-3988: A vulnerability classified as ... 🟡 CVE-2025-3987: A vulnerability was found in T... 🟡 CVE-2025-3986: A vulnerability was found in A... 🟡 CVE-2025-3985: A vulnerability was found in A... 🟡 CVE-2025-46688: quickjs-ng through 0.9.0 has a... 🟡 CVE-2025-46687: quickjs-ng through 0.9.0 has a... 🟢 CVE-2025-3984: A vulnerability was found in A... 🟡 CVE-2025-3983: A vulnerability has been found... 🟡 CVE-2025-3982: A vulnerability, which was cla... 🟡 CVE-2025-3981: A vulnerability, which was cla... 🟢 CVE-2025-2866: Improper Verification of Crypt... 🟡 CVE-2025-3980: A vulnerability classified as ... 🟡 CVE-2025-3979: A vulnerability classified as ... 🟡 CVE-2025-3978: A vulnerability was found in d... 🟡 CVE-2025-3977: A vulnerability was found in i... ⚠️ CVE-2025-46657: Karaz Karazal through 2025-04-... 🟡 CVE-2025-3976: A vulnerability was found in P... 🟡 CVE-2025-3975: A vulnerability was found in S... 🟡 CVE-2025-3974: A vulnerability has been found... 🟡 CVE-2025-3973: A vulnerability, which was cla... 🟡 CVE-2025-3972: A vulnerability, which was cla... 🟡 CVE-2025-3971: A vulnerability classified as ... 🟡 CVE-2025-3970: A vulnerability classified as ... 🟡 CVE-2025-3969: A vulnerability was found in c... 🟡 CVE-2025-3968: A vulnerability was found in c... 🟡 CVE-2025-3967: A vulnerability was found in i... 🟡 CVE-2025-3886: An issue in CatoNetworks CatoC... 🟡 CVE-2025-3966: A vulnerability was found in i... 🟡 CVE-2025-3965: A vulnerability has been found... 🟡 CVE-2025-3964: A vulnerability, which was cla... 🟡 CVE-2025-3963: A vulnerability, which was cla... 🟡 CVE-2024-52888: For an authenticated end-user ... 🟢 CVE-2024-52887: Authenticated end-user may set... 🟡 CVE-2025-3962: A vulnerability classified as ... 🟡 CVE-2025-3961: A vulnerability classified as ... 🟡 CVE-2025-3960: A vulnerability was found in w... 🟡 CVE-2025-3959: A vulnerability was found in w... 🟡 CVE-2025-3958: A vulnerability was found in w... 🟡 CVE-2025-3957: A vulnerability was found in o... 🟡 CVE-2025-3956: A vulnerability has been found... ⚠️ CVE-2025-46580: There is a code-related vulner... ⚠️ CVE-2025-46579: There is a DDE injection vulne... 🟡 CVE-2025-46578: There are SQL injection vulner... 🟡 CVE-2025-46577: There is a SQL injection vulne... 🟡 CVE-2025-46576: There is a Permission Manageme... 🟡 CVE-2025-46575: There is an information disclo... 🟡 CVE-2025-46574: There is an information disclo... 🟢 CVE-2025-46675: In NASA CryptoLib before 1.3.2... 🟢 CVE-2025-46674: NASA CryptoLib before 1.3.2 us... 🟡 CVE-2025-46673: NASA CryptoLib before 1.3.2 do... 🟢 CVE-2025-46672: NASA CryptoLib before 1.3.2 do... 🟡 CVE-2025-3955: A vulnerability, which was cla... 🟢 CVE-2025-46656: python-markdownify (aka markdo... 🟡 CVE-2025-3954: A vulnerability, which was cla... 🟡 CVE-2025-46655: CodiMD through 2.5.4 has a CSP... 🟡 CVE-2025-46654: CodiMD through 2.2.0 has a CSP... 🟢 CVE-2025-46653: Formidable (aka node-formidabl...
US Agencies Issue Cybersecurity Guidance Against China-Linked Threats

By Cybersecurity Team on

US Agencies Issue Cybersecurity Guidance Against China-Linked Threats

December 12, 2024

In a collaborative effort, the National Security Agency (NSA), the FBI, and the Cybersecurity and Infrastructure Security Agency (CISA) have joined forces with their counterparts from Australia, Canada, and New Zealand to release a robust cybersecurity guidance aimed at thwarting threats from China-linked malicious actors. The guidance, titled “Enhanced Visibility and Hardening Guidance for Communications Infrastructure”, emphasizes proactive measures to secure telecommunications and enterprise networks.

This nine-page document outlines critical strategies for improving network visibility, such as tracking configuration changes and monitoring unusual activity, as well as detailed steps for hardening network systems. Key recommendations include regular patching, enforcing secure password practices, and disabling unused or insecure protocols. Notably, the guidance addresses specific vulnerabilities in Cisco operating systems, which have been targeted by China-affiliated threat groups in the past.

Proactive Defense Measures

According to NSA cybersecurity director Dave Luber, vigilance and early action are crucial in network defense. “Always have eyes on your systems and patch and address known vulnerabilities before they become targets,” Luber stated. Organizations are urged to log all network activity and adopt strong security measures to mitigate risks.

While primarily aimed at telecommunications providers, the guidance also holds value for enterprises managing on-premises infrastructure. By implementing these measures, organizations can bolster their defenses against increasingly sophisticated cyber threats.

Global Collaboration in Cybersecurity

This initiative exemplifies the growing global collaboration among allied nations to address cybersecurity challenges posed by state-sponsored threats. The partnership among the Five Eyes nations (United States, Australia, Canada, New Zealand, and the United Kingdom) underscores the shared responsibility of safeguarding critical infrastructure against cyber adversaries.

Back to Posts