Thursday , June 5 2025
CISA NSA FBI

Telecoms on High Alert: CISA, NSA, FBI Publish joint guideline

National Security Agency (NSA), The Cybersecurity and Infrastructure Security Agency (CISA) and Federal Bureau of Investigation (FBI) jointly published guideline to enhanced visibility and hardening guidance for communications infrastructure providing best practices to protect against PRC affiliated threat actor.

According to the guideline above mentioned threat actor has compromised networks of major global telecommunications providers. The guideline urges network engineers and defenders of communications infrastructure to strengthen visibility and harden network devices.

CVSS 9.6: IBM QRadar & Cloud Pak Security Flaws Exposed

IBM has issued a security advisory for vulnerabilities in its QRadar Suite Software and Cloud Pak for Security platforms. These...
Read More
CVSS 9.6: IBM QRadar & Cloud Pak Security Flaws Exposed

ALERT
Thousands of IP addresses compromised nationwide: CIRT warn

As Bangladesh prepares for the extended Eid-ul-Adha holidays, the BGD e-GOV Computer Incident Response Team (CIRT) has issued an urgent...
Read More
ALERT  Thousands of IP addresses compromised nationwide: CIRT warn

New Android Malware ‘Crocodilus’ Targets Banks in 8 Countries

In March 2025, the Threatfabric mobile Threat Intelligence team identified Crocodilus, a new Android banking Trojan designed for device takeover....
Read More
New Android Malware ‘Crocodilus’ Targets Banks in 8 Countries

Qualcomm Patches 3 Zero-Days Used in Targeted Android Attacks

Qualcomm has issued security patches for three zero-day vulnerabilities in the Adreno GPU driver, affecting many chipsets that are being...
Read More
Qualcomm Patches 3 Zero-Days Used in Targeted Android Attacks

Critical RCE Flaw Patched in Roundcube Webmail

Roundcube Webmail has fixed a critical security flaw that could enable remote code execution after authentication. Disclosed by security researcher...
Read More
Critical RCE Flaw Patched in Roundcube Webmail

Hacker claim Leak of Deloitte Source Code & GitHub Credentials

A hacker known as "303" claim to breach the company's systems and leaked sensitive internal data on a dark web...
Read More
Hacker claim Leak of Deloitte Source Code & GitHub Credentials

CISA Issued Guidance for SIEM and SOAR Implementation

CISA and ACSC issued new guidance this week on how to procure, implement, and maintain SIEM and SOAR platforms. SIEM...
Read More
CISA Issued Guidance for SIEM and SOAR Implementation

Linux flaws enable password hash theft via core dumps in Ubuntu, RHEL, Fedora

The Qualys Threat Research Unit (TRU) found two local information-disclosure vulnerabilities in Apport and systemd-coredump. Both issues are race-condition vulnerabilities....
Read More
Linux flaws enable password hash theft via core dumps in Ubuntu, RHEL, Fedora

Australia enacts mandatory ransomware payment reporting

New ransomware payment reporting rules take effect in Australia yesterday (May 30) for all organisations with an annual turnover of...
Read More
Australia enacts mandatory ransomware payment reporting

Why Govt Demands Foreign CCTV Firms to Submit Source Code?

Global makers of surveillance gear have clashed with Indian regulators in recent weeks over contentious new security rules that require...
Read More
Why Govt Demands Foreign CCTV Firms to Submit Source Code?

CISA and the FBI released a guide to help organizations quickly identify unusual behavior, vulnerabilities, and threats, as well as respond to cyber incidents. The guide also offers advice on reducing vulnerabilities and improving security configurations.

CISA Executive Assistant Director for Cybersecurity Jeff Greene said, “The PRC-affiliated cyber activity poses a serious threat to critical infrastructure, government agencies, and businesses. This guide will help telecommunications and other organizations detect and prevent compromises by the PRC.

“Along with our US and international partners, we urge software manufacturers to incorporate Secure by Design principles into their development lifecycle to strengthen the security posture of their customers. Software manufacturers should review our Secure by Design resources and put their principles into practice. added he.”

FBI’s Cyber Division Assistant Director Bryan Vorndran said, “Threat actors affiliated with the People’s Republic of China (PRC) are have targeted commercial telecommunications providers to compromise sensitive data and engage in cyber espionage,”.

“Together with our interagency partners, the FBI issued guidance to enhance the visibility of network defenders and to harden devices against PRC exploitation. We strongly encourage organizations to review and implement the recommended measures in this guide and to report suspicious activity to their local FBI field office.”

This guidance is primarily for the communications infrastructure sector, but it can also benefit organizations with on-premises equipment. CISA urges all critical infrastructure organizations to adopt security best practices.

CISA, NSA, and FBI urge all organizations, especially those in critical infrastructure, to follow their best practices. Jeff Greene emphasized that software manufacturers should adopt Secure by Design principles in their development to reduce future vulnerabilities.

Check Also

Qualcomm

Qualcomm Patches 3 Zero-Days Used in Targeted Android Attacks

Qualcomm has issued security patches for three zero-day vulnerabilities in the Adreno GPU driver, affecting …

Leave a Reply

Your email address will not be published. Required fields are marked *