CISA and NCSC-UK China-nexus covert device networks advisory
Advisory/Mitigation
Summary
Hide ▲
Show ▼
CISA and NCSC-UK released a new advisory warning organizations about Chinese government-linked covert networks built from compromised devices. The guidance says weak home, small-office, and IoT devices can be chained into botnets that support spying, break-ins, device control, and data theft. Defenders are urged to map edge devices, baseline normal connections, retain logs, and enable multifactor authentication to reduce the risk of organizational compromise.
Related Happenings
CISA zero-trust SASE guidance for TIC 3.0
Public Sector Action
H score30
First: 25.06.2026 14:30
Last: 25.06.2026 14:30
Sources 1
About this happening:
CISA published **new guidance** on **June 24** for **federal civilian executive branch agencies** to replace legacy internet gateways with **SASE** as part of the move from **TIC...
CISA zero-trust SASE guidance for TIC 3.0
Public Sector ActionAbout this happening: CISA published **new guidance** on **June 24** for **federal civilian executive branch agencies** to replace legacy internet gateways with **SASE** as part of the move from **TIC...
CISA FortiBleed mitigation guidance
Advisory/Mitigation
H score67
First: 19.06.2026 09:47
Last: 19.06.2026 09:47
Sources 1
About this happening:
**CISA** issued mitigation guidance for **FortiBleed**, urging operators of **internet-accessible Fortinet devices** to harden exposed **FortiGate** and VPN environments after a *...
CISA FortiBleed mitigation guidance
Advisory/MitigationAbout this happening: **CISA** issued mitigation guidance for **FortiBleed**, urging operators of **internet-accessible Fortinet devices** to harden exposed **FortiGate** and VPN environments after a *...
CISA automatic tank gauge system mitigations
Advisory/Mitigation
H score20
First: 02.06.2026 15:00
Last: 02.06.2026 15:00
Sources 1
About this happening:
**CISA**, **FBI**, **NSA**, and the **Department of Energy** warned that attackers are targeting **internet-exposed automatic tank gauge (ATG) systems** used to monitor fuel and l...
CISA automatic tank gauge system mitigations
Advisory/MitigationAbout this happening: **CISA**, **FBI**, **NSA**, and the **Department of Energy** warned that attackers are targeting **internet-exposed automatic tank gauge (ATG) systems** used to monitor fuel and l...
Healthcare phishing defense guidance for VPN MFA and continuous training
Defensive Guidance
H score16
First: 22.05.2026 16:17
Last: 22.05.2026 16:17
Sources 1
About this happening:
Healthcare defenders were urged to treat **phishing** as a top priority, which matters because social engineering is a direct path to **credential abuse** in clinical environments...
Healthcare phishing defense guidance for VPN MFA and continuous training
Defensive GuidanceAbout this happening: Healthcare defenders were urged to treat **phishing** as a top priority, which matters because social engineering is a direct path to **credential abuse** in clinical environments...
AWS exposed-key hardening guidance for Amazon SES phishing abuse
Defensive Guidance
H score14
First: 04.05.2026 23:03
Last: 04.05.2026 23:03
Sources 1
About this happening:
**Kaspersky** urged organizations to harden **AWS IAM** and credential handling after **exposed access keys** were linked to phishing delivery through **Amazon SES**, reducing the...
AWS exposed-key hardening guidance for Amazon SES phishing abuse
Defensive GuidanceAbout this happening: **Kaspersky** urged organizations to harden **AWS IAM** and credential handling after **exposed access keys** were linked to phishing delivery through **Amazon SES**, reducing the...
Timeline
-
23.04.2026 15:00 2 articles · 2mo ago
CISA and NCSC-UK release covert device network advisory
Initial DisclosureCISA, NCSC-UK, and global partners released an advisory on Chinese government-linked covert networks built from compromised devices, warning that groups such as Volt Typhoon and Flax Typhoon use weak home, small-office, and IoT devices in botnets to hide malicious activity including spying, break-ins, device control, and data theft. The advisory urges organizations to map network edge devices, baseline normal connections, retain log collection and storage, and enable multifactor authentication to reduce the risk of organizational compromise.
Show sources
- CISA, National Cyber Security Centre (NCSC) UK, and Global Partners Issue Advisory on Chinese Government-Linked Covert Cyber Networks — www.cisa.gov — 23.04.2026 15:00
- CISA, National Cyber Security Centre (NCSC) UK, and Global Partners Issue Advisory on Chinese Government-Linked Covert Cyber Networks — www.cisa.gov — 23.04.2026 15:00