CISA and NCSC-UK China-nexus covert device networks advisory
Advisory/Mitigation
Summary
Hide ▲
Show ▼
CISA and NCSC-UK released a new advisory warning organizations about Chinese government-linked covert networks built from compromised devices. The guidance says weak home, small-office, and IoT devices can be chained into botnets that support spying, break-ins, device control, and data theft. Defenders are urged to map edge devices, baseline normal connections, retain logs, and enable multifactor authentication to reduce the risk of organizational compromise.
Related Happenings
Healthcare phishing defense guidance for VPN MFA and continuous training
Defensive Guidance
First: 22.05.2026 16:17
Last: 22.05.2026 16:17
Sources 1
About this happening:
Healthcare defenders were urged to treat **phishing** as a top priority, which matters because social engineering is a direct path to **credential abuse** in clinical environments...
Healthcare phishing defense guidance for VPN MFA and continuous training
Defensive GuidanceAbout this happening: Healthcare defenders were urged to treat **phishing** as a top priority, which matters because social engineering is a direct path to **credential abuse** in clinical environments...
AWS exposed-key hardening guidance for Amazon SES phishing abuse
Defensive Guidance
First: 04.05.2026 23:03
Last: 04.05.2026 23:03
Sources 1
About this happening:
**Kaspersky** urged organizations to harden **AWS IAM** and credential handling after **exposed access keys** were linked to phishing delivery through **Amazon SES**, reducing the...
AWS exposed-key hardening guidance for Amazon SES phishing abuse
Defensive GuidanceAbout this happening: **Kaspersky** urged organizations to harden **AWS IAM** and credential handling after **exposed access keys** were linked to phishing delivery through **Amazon SES**, reducing the...
CISA joint guide on agentic AI security
Public Sector Action
First: 01.05.2026 15:00
Last: 01.05.2026 15:00
Sources 1
About this happening:
**CISA**, **ASD ACSC**, and other U.S. and international partners published **Careful Adoption of Agentic Artificial Intelligence (AI) Services**, a joint guide for organizations...
CISA joint guide on agentic AI security
Public Sector ActionAbout this happening: **CISA**, **ASD ACSC**, and other U.S. and international partners published **Careful Adoption of Agentic Artificial Intelligence (AI) Services**, a joint guide for organizations...
CISA-led zero-trust guide for OT environments
Public Sector Action
First: 30.04.2026 17:00
Last: 30.04.2026 17:00
Sources 1
About this happening:
US government agencies led by **CISA** released **Adapting Zero Trust Principles to Operational Technology**, giving **OT operators** a framework to improve **critical infrastruct...
CISA-led zero-trust guide for OT environments
Public Sector ActionAbout this happening: US government agencies led by **CISA** released **Adapting Zero Trust Principles to Operational Technology**, giving **OT operators** a framework to improve **critical infrastruct...
CISA joint Zero Trust OT guide
Public Sector Action
First: 29.04.2026 15:00
Last: 29.04.2026 15:00
Sources 1
About this happening:
CISA and U.S. partners **published** a joint guide to help **OT owners and operators** apply **Zero Trust** to **operational technology environments**, giving government and infra...
CISA joint Zero Trust OT guide
Public Sector ActionAbout this happening: CISA and U.S. partners **published** a joint guide to help **OT owners and operators** apply **Zero Trust** to **operational technology environments**, giving government and infra...
Timeline
-
23.04.2026 15:00 2 articles · 1mo ago
CISA and NCSC-UK release covert device network advisory
Initial DisclosureCISA, NCSC-UK, and global partners released an advisory on Chinese government-linked covert networks built from compromised devices, warning that groups such as Volt Typhoon and Flax Typhoon use weak home, small-office, and IoT devices in botnets to hide malicious activity including spying, break-ins, device control, and data theft. The advisory urges organizations to map network edge devices, baseline normal connections, retain log collection and storage, and enable multifactor authentication to reduce the risk of organizational compromise.
Show sources
- CISA, National Cyber Security Centre (NCSC) UK, and Global Partners Issue Advisory on Chinese Government-Linked Covert Cyber Networks — www.cisa.gov — 23.04.2026 15:00
- CISA, National Cyber Security Centre (NCSC) UK, and Global Partners Issue Advisory on Chinese Government-Linked Covert Cyber Networks — www.cisa.gov — 23.04.2026 15:00