A joint government advisory claims that APT40, a Chinese state-sponsored actor, is focusing on recently discovered software vulnerabilities in an attempt to exploit them in a matter of hours.
The advisory, authored by the Cybersecurity and Infrastructure Security Agency, FBI, and National Security Agency in the United States, as well as government agencies in Australia, the UK, Canada, New Zealand, Germany, South Korea, and Japan, stated that the cyber group has targeted organisations in a variety of arenas, employing techniques commonly employed by other state-sponsored actors in China. It has often targeted Australian networks, for instance, and remains a threat, the agencies warned.
Rather than using strategies that involve user engagement, the gang seems to prefer exploiting vulnerable, public-facing infrastructure and prioritising the collection of valid credentials. It frequently latches on public exploits as soon as they become accessible, creating a “patching race” condition for organisations.
“The focus on public-facing infrastructure is interesting. It shows they’re looking for the path of least resistance; why bother with elabor
[…]
Content was cut in order to protect the source.Please visit the source for the rest of the article.
[…]
Content was cut in order to protect the source.Please visit the source for the rest of the article.
This article has been indexed from CySecurity News – Latest Information Security and Hacking Incidents
Read the original article: