Security News > 2020 > September > What do F5, Citrix, Pulse Secure all have in common? China exploiting their flaws to hack govt, biz – Feds

The US government says the Chinese government's hackers are preying on a host of high-profile security holes in enterprise IT equipment to infiltrate Uncle Sam's agencies and American businesses.

In a joint statement, the FBI and Homeland Security's Cybersecurity and Infrastructure Security Agency on Monday claimed Beijing's miscreants have exploited or attempted to exploit bugs including those in Microsoft Exchange Server, the F5 Big-IP remote takeover vulnerability, Pulse Secure's VPN's remote code flaw and the Citrix VPN directory traversal hole.

The agencies said they have only seen the Chinese hackers "Attempting to discover" vulnerable Citrix appliances, while other bugs like those in F5 and Pulse Secure gear are said to be under active attack.

"Through the National Cybersecurity Protection System, CISA has observed Chinese Ministry of State Security-affiliated cyber threat actors operating from the People's Republic of China using commercially available information sources and open-source exploitation tools," CISA warned.

Above all, the hackers are abusing known-bugs and using publicly available information for their cyber-break-ins rather than exploiting valuable zero-day flaws.

News URL

https://go.theregister.com/feed/www.theregister.com/2020/09/14/chinas_hackers_f5_citrix/