https://www.cyberscoop.com/vpn-vulnerabilities-china-apt-palo-alto/
By Jeff Stone
CYBERSCOOP
October 7, 2019
International hacking groups are exploiting vulnerabilities in virtual private
network technologies to steal user credentials and monitor sensitive traffic,
the United Kingdom’s National Cyber Security Centre said, amid recent warnings
that the Chinese government has used similar tactics to collect intelligence.
The NCSC, an offshoot of Britain’s intelligence agency, the GCHQ, said on Oct.
2 hackers are leveraging outdated versions of Palo Alto Networks, Fortinet and
Pulse Secure products. The U.S. Department of Homeland Security’s Cybersecurity
and Infrastructure Agency published its own advisory on the vulnerabilities,
which attackers could use to take over an affected system, on Oct. 4.
Neither warning speculates on who may be behind the attack, though the alerts
come after Microsoft in August said Manganese, a Chinese hacking collective
also known as APT5, was focusing attacks on Pulse Secure and Fortinet products.
Pulse Secure, Palo Alto and Fortinet have each released security updates for
all of the affected products.
“This activity is ongoing, targeting both U.K. and international
organisations,” the NCSC advisory stated. “Affected sectors include government,
military, academic, business and healthcare. These vulnerabilities are well
documented in open source.”
[...]
--
Subscribe to InfoSec News
https://www.infosecnews.org/subscribe-to-infosec-news/
https://twitter.com/infosecnews_
