Vulnerability Management

Feds shed light on top vulnerabilities exploited by Chinese hackers

U.S. and allied government networks and tech firms are being targeted by Chinese state-sponsored threat actors mostly through the exploitation of the Apache Log4j remote code execution flaw, tracked as CVE-2021-44228, the Pulse Connect Secure arbitrary file read bug, tracked as CVE-2019-11510, and the GitLab CE/EE remote code execution vulnerability, tracked as CVE-2021-22205, BleepingComputer reports. Most Chinese hackers have also been leveraging the Atlassian remote code execution flaw, tracked as CVE-2022-26134, and the Microsoft Exchange remote code execution bug, tracked as CVE-2021-26855, in attacks since 2020, according to a joint advisory from the FBI, National Security Agency, and Cybersecurity and Infrastructure Security Agency. Organizations across the U.S. have been urged by the federal agencies to promptly apply security patches, implement phishing-resistant multi-factor authentication, and overhaul network infrastructure that has already reached end-of-life. "NSA, CISA, and FBI continue to assess [People's Republic of China] state-sponsored cyber activities as being one of the largest and most dynamic threats to U.S. government and civilian networks," said the advisory.
