Sign In

Communications of the ACM

ACM TechNews

CISA: Chinese State Hackers Are Exploiting F5, Citrix, Pulse Secure, Exchange Bugs


View as: Print Mobile App Share: Send by email Share on reddit Share on StumbleUpon Share on Hacker News Share on Tweeter Share on Facebook
Identifying vulnerabilities.

An advisory from the Cybersecurity and Infrastructure Security Agency warns of attacks against U.S. federal networks by hacker groups associated with China's Ministry of State Security.

Credit: Sergey Nivens/Shutterstock.com

An advisory from the Cybersecurity and Infrastructure Security Agency (CISA) warns of attacks against U.S. federal networks by hacker groups associated with China's Ministry of State Security.

Over the last year, the attackers scanned for popular networking devices, then applied exploits for recently disclosed bugs to compromise targeted devices.

Targets include F5 Big-IP load balancers, the Citrix and Pulse Secure virtual private network appliances, and Microsoft Exchange email servers.

Once the hackers penetrate networks, they typically deploy commercial and open source tools to move laterally across networks and exfiltrate information.

CISA advised both the private sector and federal agencies to patch the devices, while warning that Chinese hackers are using a broad range of other exploits, including spear-phishing emails and brute-force attacks to take advantage of weak or default credentials.

From ZDNet
View Full Article

 

Abstracts Copyright © 2020 SmithBucklin, Washington, DC, USA


 

No entries found