Security News > 2022 > October > US govt shares top flaws exploited by Chinese hackers since 2020
NSA, CISA, and the FBI revealed today the top security vulnerabilities most exploited by hackers backed by the People's Republic of China to target government and critical infrastructure networks.
The three federal agencies said in a joint advisory that Chinese-sponsored hackers are targeting U.S. and allied networks and tech companies to gain access to sensitive networks and steal intellectual property.
The advisory also bundles recommended mitigations for each of the security flaws most exploited by Chinese threat actors, as well as detection methods and vulnerable technologies to help defenders spot and block incoming attack attempts.
The following security vulnerabilities have been the top most exploited by Chinese-backed state hackers since 2020, according to the NSA, CISA, and the FBI. Vendor.
In June, they also revealed that Chinese state hackers had compromised major telecommunications companies and network service providers to steal credentials and harvest data.
On Tuesday, the U.S. Government also issued an alert about state-backed hackers stealing data from U.S. defense contractors using a custom CovalentStealer malware and the Impacket framework.
News URL
Related news
- Chinese hackers compromised an ISP to deliver malicious software updates (source)
- US warns of Iranian hackers escalating influence operations (source)
- Chinese Hackers Exploit Zero-Day Cisco Switch Flaw to Gain System Control (source)
- Chinese Volt Typhoon hackers exploited Versa zero-day to breach ISPs, MSPs (source)
- US offers $2.5 million reward for hacker linked to Angler Exploit Kit (source)
- Chinese-Speaking Hacker Group Targets Human Rights Studies in Middle East (source)
- Chinese Hackers Exploit Visual Studio Code in Southeast Asian Cyberattacks (source)
- Chinese hackers use new data theft malware in govt attacks (source)
- Chinese hackers linked to cybercrime syndicate arrested in Singapore (source)
- Chinese Hackers Exploit GeoServer Flaw to Target APAC Nations with EAGLEDOOR Malware (source)