Security News > 2020 > September > CISA: Chinese Hackers Exploiting Unpatched Devices to Target U.S. Agencies

The US Cybersecurity and Infrastructure Security Agency issued a new advisory on Monday about a wave of cyberattacks carried by Chinese nation-state actors targeting US government agencies and private entities.

"CISA has observed Chinese -affiliated cyber threat actors operating from the People's Republic of China using commercially available information sources and open-source exploitation tools to target US Government agency networks," the cybersecurity agency said.

Over the past 12 months, the victims were identified through sources such as Shodan, the Common Vulnerabilities and Exposure database, and the National Vulnerabilities Database, exploiting the public release of a vulnerability to pick vulnerable targets and further their motives.

Taking advantage of the fact that organizations aren't quickly mitigating known software vulnerabilities, the state-sponsored attackers are "Targeting, scanning, and probing" US government networks for unpatched flaws in F5 Networks Big-IP Traffic Management User Interface, Citrix VPN, Pulse Secure VPN, and Microsoft Exchange Servers to compromise targets.

Earlier this year, Israeli security firm ClearSky uncovered a cyberespionage campaign dubbed "Fox Kitten" that targeted government, aviation, oil and gas, and security companies by exploiting unpatched VPN vulnerabilities to penetrate and steal information from target companies, prompting CISA to issue multiple security alerts urging businesses to secure their VPN environments.

News URL

http://feedproxy.google.com/~r/TheHackersNews/~3/aD6sQCu-e58/chinese-hackers-agencies.html