The Cybersecurity and Infrastructure Security Agency reports that sophisticated cyber actors – including those affiliated with China’s Ministry of State Security – are using known vulnerabilities and open-source exploits to infiltrate U.S. federal government entities. The advisory describes how these and other cyber actors are able to gain initial access, collect and store credentials, select targets and gather information, and build capabilities by establishing command and control within a compromised system. The hackers are reportedly using public resources such as the national database of vulnerabilities maintained by the National Institute of Standards and Technology to sharpen their tools.
