Thread Rating:
  • 0 Vote(s) - 0 Average
  • 1
  • 2
  • 3
  • 4
  • 5
Share Post: Reddit Facebook

pulse secure are citrix exchange f5 exploiting state chinese hackers bugs

mrtroutChinese state hackers are exploiting F5, Citrix, Pulse Secure, and Exchange bugs
#1      CISA: Chinese state hackers are exploiting F5, Citrix, Pulse Secure, and Exchange bugs
CISA says attacks have started a year ago and some have been successful.
By Catalin Cimpanu for Zero Day | September 14, 2020 -- 14:45 GMT (07:45 PDT) | Topic: Security    The Cybersecurity and Infrastructure Security Agency (CISA) has published a security advisory today warning of a wave of attacks carried out by hacking groups affiliated with China's Ministry of State Security (MSS).

CISA says that over the past year, Chinese hackers have scanned US government networks for the presence of popular networking devices and then used exploits for recently disclosed vulnerabilities to gain a foothold on sensitive networks.

The list of targeted devices includes F5 Big-IP load balancers, Citrix and Pulse Secure VPN appliances, and Microsoft Exchange email servers.

For each of these devices, major vulnerabilities have been publicly disclosed over the past 12 months, such as CVE-2020-5902, CVE-2019-19781, CVE-2019-11510, and CVE-2020-0688, respectively.

According to a table summarizing Chinese activity targeting these devices published by CISA today, some attacks have been successful and enabled Chinese hackers to gain a foothold on federal networks.

Possibly Related Threads…
Thread Author Replies Views Last Post
  Chinese Hackers 'Stole Data From Spanish Vaccine Labs': Report mrtrout 0 58 09-18-2020 , 06:18 PM
Last Post: mrtrout
  Chinese Hackers Have Pillaged Taiwan's Semiconductor Industry mrtrout 0 171 08-08-2020 , 09:05 AM
Last Post: mrtrout
  Newsletter plugin bugs let hackers inject backdoors on 300K sites tarekma7 0 132 08-06-2020 , 08:55 PM
Last Post: tarekma7
  State-sponsored malware – a real and present danger mrtrout 0 141 07-29-2020 , 06:53 AM
Last Post: mrtrout
  DoJ charges Chinese hackers with targeting COVID-19 research centers mrtrout 0 242 07-25-2020 , 10:15 PM
Last Post: mrtrout

Forum Jump:

Users browsing this thread: 1 Guest(s)