CISA: Chinese state hackers are exploiting F5, Citrix, Pulse Secure, and Exchange bugs

silversurfer

silversurfer

Level 85
Thread author
Verified
Honorary Member
Top Poster
Content Creator
Malware Hunter
Well-known
Aug 17, 2014
10,168
Content source
https://www.zdnet.com/article/cisa-chinese-state-hackers-are-exploiting-f5-citrix-pulse-secure-and-exchange-bugs/
The Cybersecurity and Infrastructure Security Agency (CISA) has published a security advisory today warning of a wave of attacks carried out by hacking groups affiliated with China's Ministry of State Security (MSS).

CISA says that over the past year, Chinese hackers have scanned US government networks for the presence of popular networking devices and then used exploits for recently disclosed vulnerabilities to gain a foothold on sensitive networks.

The list of targeted devices includes F5 Big-IP load balancers, Citrix and Pulse Secure VPN appliances, and Microsoft Exchange email servers.

For each of these devices, major vulnerabilities have been publicly disclosed over the past 12 months, such as CVE-2020-5902, CVE-2019-19781, CVE-2019-11510, and CVE-2020-0688, respectively.
Click to expand...
www.zdnet.com

CISA: Chinese state hackers are exploiting F5, Citrix, Pulse Secure, and Exchange bugs

CISA says attacks have started a year ago and some have been successful.
www.zdnet.com www.zdnet.com
 
  • Like
  • +Reputation
  • Wow
Reactions: CyberPanther, Andy Ful, plat and 9 others
Andy Ful

Andy Ful

From Hard_Configurator Tools
Verified
Honorary Member
Top Poster
Developer
Well-known
Dec 23, 2014
8,129
In fact, both US and China have a great history of hacking/spying each other. Any country that is a serious player in world politics has to spy a lot. But, it seems that in the last century, more profits from it were on the China side, especially the profits from stolen patents and technical innovations.
Anyway, the world had stolen over the last millennium many innovations from China, too. I am drinking coffee (at this moment) from one of them.:coffee::)
 
  • Like
Reactions: ZeroDay, CyberPanther and Gandalf_The_Grey
silversurfer

silversurfer

Level 85
Thread author
Verified
Honorary Member
Top Poster
Content Creator
Malware Hunter
Well-known
Aug 17, 2014
10,168
threatpost.com

Microsoft Exchange Servers Still Open to Actively Exploited Flaw

Despite Microsoft issuing patches almost eight months ago, 61 percent of Exchange servers are still vulnerable.
threatpost.com threatpost.com
However, new telemetry found that out of 433,464 internet-facing Exchange servers observed, at least 61 percent of Exchange 2010, 2013, 2016 and 2019 servers are still vulnerable to the flaw.
“There are two important efforts that Exchange administrators and infosec teams need to undertake: verifying deployment of the update and checking for signs of compromise,” said Tom Sellers with Rapid7 in a Tuesday analysis.
Click to expand...
 
  • Like
  • +Reputation
Reactions: Andy Ful, harlan4096, upnorth and 1 other person
You must log in or register to reply here.

Similar threads

vtqhtr413
    • Wow
    • +Reputation
    • Like
Security News Chinese 'Earth Krahang' hackers breach 70 orgs in 23 countries
Replies
0
Views
815
Security News
vtqhtr413
vtqhtr413
Gandalf_The_Grey
    • Like
    • Wow
Hackers can open Nexx garage doors remotely, and there's no fix
Replies
4
Views
1,283
News Archive
a090
A
Gandalf_The_Grey
    • +Reputation
    • Wow
Malware News Russian military hackers target Ukraine with new MASEPIE malware
Replies
0
Views
1,173
Security News
Gandalf_The_Grey
Gandalf_The_Grey

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

Quick Navigation

Forum Rules Warning System Welcome Guide Two-factor Authentication

User Menu

Login

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top