• Skip to primary navigation
  • Skip to main content
  • Skip to primary sidebar
  • Skip to footer

My TechDecisions

  • Best of Tech Decisions
  • Topics
    • Video
    • Audio
    • Mobility
    • Unified Communications
    • IT Infrastructure
    • Network Security
    • Physical Security
    • Facility
    • Compliance
  • RFP Resources
  • Resources
  • Podcasts
  • Subscribe
  • Project of the Week
  • About Us
    SEARCH
IT Infrastructure, Network Security, News

Warning: Chinese Threat Actors Targeting Unpatched Vulnerabilities

The U.S. Cybersecurity and Infrastructure Security Agency warns of Chinese threat actors targeting government agencies via unpatched vulnerabilities.

September 16, 2020 Zachary Comeau Leave a Comment

Microsoft Nobelium AD FS
Gorodenkoff/stock.adobe.com

A new advisory from the U.S. Cybersecurity and Infrastructure Security Agency warns of Chinese government-affiliated cyber threat actors using publicly available and open-source information to leverage unpatched software vulnerabilities to attack U.S. government agencies.

According to the warning, hacking groups affiliated with the Chinese Ministry of State Security for the last 12 months have been using publicly available information sources like vulnerability search engine Shodan, the Common Vulnerabilities and Exposure (CVE) database and the National Vulnerabilities Database (NVD).

CISA analysts use the databases to identify federal government systems that are vulnerable to exploits by cyber criminals and nation state actors, but analysts are now finding a correlation between the public release of a vulnerability and targeted scanning of systems identified as being vulnerable.

Read Next: Microsoft: Russia, China, Iran Targeting US Elections

“This correlation suggests that cyber threat actors also rely on Shodan, the CVE database, the NVD, and other open-source information to identify targets of opportunity and plan cyber operations,” the CISA advisory says. “Together, these data sources provide users with the understanding of a specific vulnerability, as well as a list of systems that may be vulnerable to attempted exploits. These information sources therefore contain invaluable information that can lead cyber threat actors to implement highly effective attacks. “

According to the advisory, the cyber threat actors are targeting systems running unpatched products, like the F5 Big-IP Traffic Management User Interface, Citrix VPN Appliances, Pulse Secure VPN Appliances and the Microsoft Exchange Server.

The actors are also using known hacking techniques to identify technical weaknesses in federal government networks, command and control infrastructure and other commercial and open-source tools to conduct their operations.

Those publicly available tools include penetration testing tool Cobalt Strike, China Chopper web shell and credential capture tool Mimikatz.

Other attack methods include email spear phishing, malicious emails, brute force, credential stuffing and more.

For the complete list of specific products being targeted and a link to the appropriate patches, read the advisory.

Tagged With: CISA, Cybersecurity

Related Content:

  • Sony SRG A PTZ Cameras Sony Introduces Two New AI-Enabled PTZ Cameras
  • Microsoft Office 365 Government Secret cloud, MIcrosoft Microsoft Makes Office 365 Secret Cloud Available for…
  • Concept of File management. Searching files in database., 3d vector illustration. Gen Z vs. Baby Boomers: Which Generation Has…
  • Wesco Conference Room as a Service, hybrid work, Fintech Company Standardizes on Wesco’s Conference Room as…

Free downloadable guide you may like:

  • Harnessing the Power of Digital SignageHarnessing the Power of Digital Signage

    Choosing the best solutions for messaging, branding, and communicating in today’s content-everywhere landscape

Reader Interactions

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

Get the FREE Tech Decisions eNewsletter

Sign up Today!

Latest Downloads

Harnessing the Power of Digital Signage
Harnessing the Power of Digital Signage

Choosing the best solutions for messaging, branding, and communicating in today’s content-everywhere landscape

Blueprint Series Cover: What works for hybrid work
Blueprint Series: What Works for Hybrid Work

Download this free resource to learn about how IT leaders can effectively manage and implement a hybrid work model.

Guide to creating a ransomware response plan download
Blueprint Series: Creating a Ransomware Response Plan

Chances are ransomware hackers are researching your company right now. They’re investing time and money to choose the most profitable targets and a...

View All Downloads

Would you like your latest project featured on TechDecisions as Project of the Week?

Apply Today!
Sharp Microsoft Collaboration HQ Logo

Learn More About the
Windows Collaboration Display

More from Our Sister Publications

Get the latest news about AV integrators and Security installers from our sister publications:

Commercial IntegratorSecurity Sales

AV-iQ

Footer

TechDecisions

  • Home
  • Welcome to TechDecisions
  • Subscribe to the Newsletter
  • Contact Us
  • Media Solutions & Advertising
  • Comment Guidelines
  • RSS Feeds
  • Twitter
  • Facebook
  • Linkedin

Free Technology Guides

FREE Downloadable resources from TechDecisions provide timely insight into the issues that IT, A/V, and Security end-users, managers, and decision makers are facing in commercial, corporate, education, institutional, and other vertical markets

View all Guides
TD Project of the Week

Get your latest project featured on TechDecisions Project of the Week. Submit your work once and it will be eligible for all upcoming weeks.

Enter Today!
Emerald Logo
ABOUTCAREERSAUTHORIZED SERVICE PROVIDERSTERMS OF USEPRIVACY POLICY

© 2023 Emerald X, LLC. All rights reserved.