Chinese hackers use new SolarWinds zero-day in targeted attacks

CyberTech

CyberTech

Level 44
Thread author
Verified
Top Poster
Well-known
Nov 10, 2017
3,250
Content source
https://www.bleepingcomputer.com/news/microsoft/chinese-hackers-use-new-solarwinds-zero-day-in-targeted-attacks/
China-based hackers known to target US defense and software companies are now targeting organizations using a vulnerability in the SolarWinds Serv-U FTP server.

Today, SolarWinds released a security update for a zero-day vulnerability in Serv-U FTP servers that allow remote code execution when SSH is enabled.

According to SolarWinds, this vulnerability was disclosed by Microsoft, who saw a threat actor actively exploiting it to execute commands on vulnerable customer's devices.

Tonight, Microsoft revealed that the attacks are attributed with high confidence to a China-based threat group tracked as 'DEV-0322.'
"This activity group is based in China and has been observed using commercial VPN solutions and compromised consumer routers in their attacker infrastructure," says a new blog post by the Microsoft Threat Intelligence Center.
Click to expand...
 
  • Like
Reactions: Gandalf_The_Grey, Andy Ful, upnorth and 4 others
CyberTech

CyberTech

Level 44
Thread author
Verified
Top Poster
Well-known
Nov 10, 2017
3,250
It is about SolarWinds this is right here i guess then..

While Apple constantly works to improve the security of its devices, hackers are always looking for new ways to crack the security systems found in the iPhone, iPad, Mac, and other devices. Earlier this year, an exploit found in Apple’s WebKit (which is the Safari engine) allowed hackers to extract login information from iOS devices.

As first reported by Google’s Threat Analysis Group (via ArsTechnica), a zero-day exploit found in some versions of iOS 14 allowed SolarWinds hackers to redirect users to domains that ran malicious code on iPhones and iPads. The same hackers also targeted Windows users, according to the research.

The hacker group had been working working for the Russian Foreign Intelligence Service, which attacked devices belonging to the United States Agency for International Development. By using a malicious script, the hackers were able to send emails as if they were someone belonging to the US agency.
Click to expand...

9to5mac.com

Zero-day exploit allowed SolarWinds hackers to extract login information from iOS devices - 9to5Mac

While Apple constantly works to improve the security of its devices, hackers are always looking for new ways to crack...
9to5mac.com 9to5mac.com
 
  • Like
Reactions: Venustus and ForgottenSeer 85179
You must log in or register to reply here.

Similar threads

Ink
    • Like
MOVEit Transfer zero-day mass-exploited in data theft attacks
Replies
24
Views
8,744
News Archive
Ink
Ink
Gandalf_The_Grey
    • Like
    • +Reputation
Microsoft September 2023 Patch Tuesday fixes 2 zero-days, 59 flaws
Replies
2
Views
1,516
News Archive
Gandalf_The_Grey
Gandalf_The_Grey
[correlate]
    • Like
    • +Reputation
Millions of Exim mail servers exposed to zero-day RCE attacks
Replies
0
Views
1,351
News Archive
[correlate]
[correlate]

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

Quick Navigation

Forum Rules Warning System Welcome Guide Two-factor Authentication

User Menu

Login

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top