Plugavel.
  • Home
  • Tech
  • Car
  • More
    • Privacy policy
    • About us
    • Contact us
No Result
View All Result
Plugavel.
  • Home
  • Tech
  • Car
  • More
    • Privacy policy
    • About us
    • Contact us
No Result
View All Result
Plugavel.
No Result
View All Result
ADVERTISEMENT

US defense firms targeted by Chinese hackers

22 de April de 2021
in Tech
Inquiétant. Des groupes de hackers probablement liés au gouvernement chinois s’infiltrent dans les serveurs des entreprises américaines liées à l’industrie de la défense via leur VPN. © The Digital Artist, Piwabay
ADVERTISEMENT

Hackers suspected of being backed by the Chinese government are exploiting critical vulnerabilities in Pulse Secure VPN to infiltrate government servers and large companies including those linked to the defense industry in the United States.

For six months, it’s been a surge d’intrusions which affects the servers of governmental, financial or even defense-related organizations around the world and more particularly in the United States. Noticed by Mandiant, a company specializing in cybersecurity, this vague precisely targets the vulnerabilities of the VPN Pulse Secure which is widely used by these organizations and companies. They exploited a loophole zero day, that is to say which had never been identified, in order to bypass the authentication to two factors to enter the servers of companies and target organizations. From that point on, they can install their payloads which will remain active and allow remote control over the servers to be maintained despite VPN security updates. According to Mandiant, this flaw dubbed CVE-2021-22893 has been exploited by several groups of hackers. In all, twelve malware families revolve around these vulnerabilities related to VPN Pulse Secure.

Chinese government-linked hacker groups

Among the actors in these attacks, Mandiant claims to have uncovered evidence that links one of the hacker groups to the Chinese government. Nicknamed UNC2630, this new, hitherto unknown team appears to have ties to a Chinese hacker group operating since 2007 and identified as APT5. He is known for his ties to the Chinese government. Another team called UNC2717 could also come from APT5.

The famous fault zero-day benefits from a patch that Ivanti, the parent company of Pulse Secure, has just released. A patch that theUS cybersecurity agency (Cisa) urges to apply immediately. But Mandiant also notes that, aside from this vulnerability, hackers are still exploiting vulnerabilities that have already been identified and sealed for the past two years. As is often the case, it is the lack of updates in organizations and companies that is the cause and source of these intrusions.

Interested in what you just read?

ADVERTISEMENT
ShareTweetPin

Related Posts

Selon StoreDot, la température de sa batterie n’a jamais excédé 33 degrés Celsius durant cette démonstration de charge rapide. © StoreDot
Tech

Electric car: demo of ultra-fast charging of 160 km in 5 minutes!

You will also be interestedThe Israeli startup StoreDot is working on a new technology intended to significantly speed up the...

20 de May de 2022
Les plateformes de publicité nous géolocalisent en moyenne 400 fois par jour. © Gerd Altmann, Pixabay
Tech

Your personal data is exposed 340 times a day!

According to an Irish report, our personal information, including geolocation, is disseminated to thousands of companies on average nearly 400...

20 de May de 2022
Vélo électrique 26
Tech

Good deal: the 26′ Velobecane electric bike is only €619.99 on Cdiscount!

Did you know there was a bike shortage right now? Shops are out of stock. But at Cdiscount currently, this...

20 de May de 2022
French Days : la trottinette Xiaomi Mi Scooter 3 © Cdiscount
Tech

Good deal: the Xiaomi Mi Scooter 3 electric scooter is at -140 € on Cdiscount

To get around town easily, electric scooters are very useful as a means of transport! The advantages of these machines...

20 de May de 2022
Next Post
Used Kia Ceed III: reviews, reliability, known issues, recalls

Used Kia Ceed III: reviews, reliability, known issues, recalls

Fiat 500 electric: buying guide |  notice |  price |  from 24,500 euros

Fiat 500 electric: buying guide | notice | price | from 24,500 euros

Recommended

Profitez d'un bon plan sur la formation à GNU/Linux © Free-Photos, Pixabay

GNU / Linux training: take advantage of 85% reduction on this good plan

21 de April de 2021

Why the arrival of Chrome 100 and Firefox 100 is shaking the internet

19 de February de 2022

Neither seen nor known: the delivery man crashes into the garage door with his van and flees

21 de February de 2022

This motorist wanted to see the sea a little too close…

24 de February de 2022
ADVERTISEMENT

Categories

  • Car
  • Carros
  • Tech
  • Tecnologia
ADVERTISEMENT
  • Home
  • Privacy policy
  • About us
  • Contact us
© 2021 Plugavel - News about technology and cars on one site Plugavel.
No Result
View All Result
  • Home
  • Tech
  • Car
  • More
    • Privacy policy
    • About us
    • Contact us