Multiple US Federal Agencies Warn of Vulnerabilities in Cisco, Citrix, DrayTek, D-Link, Fortinet, MikroTik, NETGEAR, Pulse, QNAP, Zyxel etc

A cybersecurity advisory was issued by the National Security Agency (NSA), Federal Bureau of Investigations (FBA), and the Cybersecurity and Infrastructure Security Agency (CISA), which pointed out the ways hackers hired by China attacked telecommunications companies and network service providers.

The advisory includes a list of 16 flaws in network device software from companies such as Cisco, Netgear, and Pulse Secure. These flaws were made public between 2018 and 2021. As per the agencies, the networks affected vary from small office/home office routers to medium and large enterprise networks.

The advisory said that by manipulating these flaws, the threat actors able to “establish broad infrastructure networks to exploit a wide range of public and private sector targets”.

In order to contain the effects of these public vulnerabilities, the agencies advised network owners to apply patches as soon as possible, turn off unnecessary ports and protocols, and segment networks.

The U.S. government has been highly cautious about cyber threats from countries like Russia and China. Meanwhile, China has continuously rejected the accusations, and instead charged the U.S. government with cyber crime.

If you would like to engage us to examine your network please call Kelly on 0429 727 091 or fill out the contact form below:

 

11 + 14 =