An advisory from the Cybersecurity and Infrastructure Security Agency (CISA) warns of attacks against U.S. federal networks by hacker groups associated with China's Ministry of State Security.
Over the last year, the attackers scanned for popular networking devices, then applied exploits for recently disclosed bugs to compromise targeted devices.
Targets include F5 Big-IP load balancers, the Citrix and Pulse Secure virtual private network appliances, and Microsoft Exchange email servers.
Once the hackers penetrate networks, they typically deploy commercial and open source tools to move laterally across networks and exfiltrate information.
CISA advised both the private sector and federal agencies to patch the devices, while warning that Chinese hackers are using a broad range of other exploits, including spear-phishing emails and brute-force attacks to take advantage of weak or default credentials.
View Full Article
Abstracts Copyright © 2020 SmithBucklin, Washington, DC, USA