Share
An attack group potentially acting in the interests of the Chinese government has exploited vulnerabilities including a zero day in the widely deployed Pulse Connect Secure VPN appliance to compromise government agencies in the United States and Europe, as well as several dozen other organizations to gather credentials, steal sensitive data, and place webshells on targeted appliances to maintain persistence.
Although researchers have not been able to pinpoint exactly when the attacks began, they have been ongoing for more than a year and could go back several years. Researchers at FireEye Mandiant uncovered the activity targeting Pulse Secure appliances while responding to customer incidents in recent months, and found that a group it now tracks as UNC2630, and possibly several other threat actors, have been exploiting several previously known flaws and one newly discovered vulnerability in the appliances. The new vulnerability (CVE-2021-22893) is a critical remote code exe
To improve the performance of our website, show the most relevant news products and targeted advertising, we collect technical impersonal information about you, including through the tools of our partners. You can find a detailed description of how we use your data in our Privacy Policy. For a detailed description of the technologies, please see the Cookie and Automatic Logging Policy.
By clicking on the Accept & Close button, you provide your explicit consent to the processing of your data to achieve the above goal.
You can withdraw your consent using the method specified in the Privacy Policy.
Accept & Close
Sputnik International
Cyber criminals are said to have chained three flaws, CVE-2021-20021, CVE-2021-20022, and CVE-2021-20023, together to install a backdoor, access files and emails, and move across the victim’s organisation. These vulnerabilities were first discovered in March 2021, and a hotfix was made available for the first two flaws on 9 April 2021. SonicWall then released a fix for the final vulnerability this week, before disclosing details of the exploitation.
Hackers exploit Pulse Secure VPN flaws
Two major hacking groups have deployed a dozen malware families to compromise US and European organisations by exploiting vulnerabilities in Pulse Secure’s VPN platform.
Cyber Attack Targeting America s Remote Workers Points To China
KEY POINTS
CISA issued an emergency directive a move rarely done unless there is high-risk potential
The attack is the third discovered serious hacking for 2021
The United States is facing its third severe and distinct cyber attack in a span of a few months. The attack that points out to China allegedly targets remote workers in the country.
On April 21, Mandiant, a cybersecurity firm under FireEye confirmed the presence of another cybersecurity attack that targets the US government, private companies and critical infrastructure. The firm said that China is behind the series of hacks.
Suspected Chinese hackers spied on US, European targets kttc.com - get the latest breaking news, showbiz & celebrity photos, sport news & rumours, viral videos and top stories from kttc.com Daily Mail and Mail on Sunday newspapers.