Hackers are using these flaws to target VPNs and network devices warn the FBI and NSA
Patch these network device flaws that have been used by state-sponsored attackers.
The US is warning that hackers working for China have been exploiting publicly known flaws in network devices as part of broader attacks to steal and manipulate network traffic.
The National Security Agency (NSA), Federal Bureau of Investigations (FBI) and the Cybersecurity and Infrastructure Security Agency (CISA) have listed 16 flaws in network device software from 10 brands including Cisco, Fortinet, Netgear, MikroTik, Pulse Secure, and Citrix that were publicly disclosed between 2018 and 2021. Most of the flaws are rated as critical.
These flaws are the ones most frequently exploited by hackers backed by the People’s Republic of China (PRC) since 2020, according to the agencies.
The warning concerns attacks exploiting bugs affecting small business routers, network attached storage (NAS) devices, and enterprise VPNs. But the agencies also detail scanning activity and compromises of specialized authentication servers used by major telecommunications companies and network service providers.
Network devices like small business routers and NAS devices serve as additional access points to route the actors’ command and control (C2) traffic.
More News …
Washington (CNN)Chinese government-backed hackers have breached “major telecommunications companies,” among...
You need to patch these network device flaws that have...
Share the news: