Security News > 2020 > October > NSA: Top 25 vulnerabilities actively abused by Chinese hackers
The U.S. National Security Agency warns that Chinese state-sponsored hackers exploit 25 different vulnerabilities in attacks against U.S. organizations and interests.
As part of these attacks, the NSA has seen twenty-five publicly disclosed vulnerabilities exploited to gain access to networks, deploy malicious mobile apps, and spread laterally through a system while attackers steal sensitive data.
The NSA has categorized the vulnerabilities into different buckets to illustrate how they are being used in cyberattacks.
CVE-2019-11510 - A Pulse Secure VPN vulnerabilities that allow an unauthenticated attacker to gain access to VPN credentials.
As Chinese state-sponsored hackers have been seen utilizing a combination of these vulnerabilities, it is strongly advised that all administrators patch them as soon as possible.
News URL
Related news
- Chinese Hackers Exploit MAVInject.exe to Evade Detection in Targeted Cyber Attacks (source)
- Chinese hackers abuse Microsoft APP-v tool to evade antivirus (source)
- Chinese hackers use custom malware to spy on US telecom networks (source)
- Belgium probes if Chinese hackers breached its intelligence service (source)
- Belgium probes if Chinese hackers breached its intelligence service (source)
- US charges Chinese hackers linked to critical infrastructure breaches (source)
- Chinese Hackers Breach Juniper Networks Routers With Custom Backdoors and Rootkits (source)
- Chinese Weaver Ant hackers spied on telco network for 4 years (source)
- Hackers Use .NET MAUI to Target Indian and Chinese Users with Fake Banking, Social Apps (source)
- Chinese Hackers Breach Asian Telecom, Remain Undetected for Over 4 Years (source)
Related Vulnerability
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-05-08 | CVE-2019-11510 | Path Traversal vulnerability in Ivanti Connect Secure 8.2/8.3/9.0 In Pulse Secure Pulse Connect Secure (PCS) 8.2 before 8.2R12.1, 8.3 before 8.3R7.1, and 9.0 before 9.0R3.4, an unauthenticated remote attacker can send a specially crafted URI to perform an arbitrary file reading vulnerability . | 10.0 |