NSA Advisory on Chinese Government Hacking
The NSA released an advisory listing the top twenty-five known vulnerabilities currently being exploited by Chinese nation-state attackers.
This advisory provides Common Vulnerabilities and Exposures (CVEs) known to be recently leveraged, or scanned-for, by Chinese state-sponsored cyber actors to enable successful hacking operations against a multitude of victim networks. Most of the vulnerabilities listed below can be exploited to gain initial access to victim networks using products that are directly accessible from the Internet and act as gateways to internal networks. The majority of the products are either for remote access (T1133) or for external web services (T1190), and should be prioritized for immediate patching.
Clive Robinson • October 21, 2020 1:02 PM
@ ALL,
We should all know by now that any country technically capable, or with sufficient assets to buy technical expertise are into cyper espionage, and some a lot lot worse.
Thus it would be nice if the NSA actually just gave the top 50-200 vulnerabilities.
Rather than getting geo-political.
I’m reasonably certain that China is not the only ones using these vulnerabilities. But the implication of the title etc makes it appear otherwise.
Thus some people might make the mistake of blocking all the Chinese IP address ranges and assume they are thus sage from these vulnerabilities rather thsn actually fix the problems properly…