Morioh
Login
Paula Hall

Paula Hall

2 years ago

The Feds have published a Top 25 exploits list, rife with big names like BlueKeep, Zerologon and other notorious security vulnerabilities.

Chinese state-sponsored cyberattackers are actively compromising U.S. targets using a raft of known security vulnerabilities – with a Pulse VPN flaw claiming the dubious title of “most-favored bug” for these groups.

That’s according to the National Security Agency (NSA), which released a “top 25” list of the exploits that are used the most by China-linked advanced persistent threats (APT), which include the likes of Cactus PeteTA413, Vicious Panda and Winniti.

The Feds warned in September that Chinese threat actors had successfully compromised several government and private sector entities in recent months; the NSA is now driving the point home about the need to patch amid this flurry of heightened activity.

“Many of these vulnerabilities can be used to gain initial access to victim networks by exploiting products that are directly accessible from the internet,” warned the NSA, in its Tuesday advisory. “Once a cyber-actor has established a presence on a network from one of these remote exploitation vulnerabilities, they can use other vulnerabilities to further exploit the network from the inside.”

APTs – Chinese and otherwise – have ramped up their cyberespionage efforts in the wake of the pandemic as well as in the leadup to the U.S. elections next month. But Chloé Messdaghi, vice president of strategy at Point3 Security, noted that these vulnerabilities contribute to an ongoing swell of attacks.

“We definitely saw an increase in this situation last year and it’s ongoing,” she said. “They’re trying to collect intellectual property data. Chinese attackers could be nation-state, could be a company or group of companies, or just a group of threat actors or an individual trying to get proprietary information to utilize and build competitive companies…in other words, to steal and use for their own gain.”

#government #vulnerabilities #advanced persistent threats #apt #bluekeep #bug parade #bugs #cactus pete #china #china backed #chinese #cve-2019-11510 #cyberattacks #exchange #f5 #microsoft windows #most exploited #nation state #nsa #patches #pulse vpn #security vulnerabilities #ta413 #top 25 #top exploits #vicious panda #winniti #zerologon

Bug Parade: NSA Warns on Cresting China-Backed Cyberattacks

threatpost.com

Bug Parade: NSA Warns on Cresting China-Backed Cyberattacks

Bug Parade: NSA Warns on Cresting China-Backed Cyberattacks. The Feds have published a Top 25 exploits list, rife with big names like BlueKeep, Zerologon and other notorious security vulnerabilities.

1.15 GEEK