Techly NewsGet the app

Get the latest tech news

Chinese Spies Sell Access into Top US, UK Networks


An anonymous reader shared this report from The Register: Chinese spies exploited a couple of critical-severity bugs in F5 and ConnectWise equipment earlier this year to sell access to compromised U.S. defense organizations, UK government agencies, and hundreds of other entities, according to Mandi...

An anonymous reader shared this report from The Register: Chinese spies exploited a couple of critical-severity bugs in F5 and ConnectWise equipment earlier this year to sell access to compromised U.S. defense organizations, UK government agencies, and hundreds of other entities, according to Mandiant. The Google-owned threat hunters said they assess, "with moderate confidence," that a crew they track as UNC5174 was behind the exploitation of CVE-2023-46747, a 9.8-out-of-10-CVSS-rated remote code execution bug in the F5 BIG-IP Traffic Management User Interface, and CVE-2024-1709, a path traversal flaw in ConnectWise ScreenConnect that scored a perfect 10 out of 10 CVSS severity rating. These campaigns included "extensive reconnaissance, web application fuzzing, and aggressive scanning for vulnerabilities on internet-facing systems belonging to prominent universities in the U.S., Oceania, and Hong Kong regions," the threat intel team noted.

Get the Android app

Or read this on Slashdot

Read more on:

Photo of Chinese

Chinese

Photo of Access

Access

Photo of chinese spies

chinese spies

Related news:

News photo

Appleā€™s Cook Meets Chinese Commerce Minister, Unveils Investment

News photo

Apple in Talks to Use Baidu AI in Chinese iPhones, WSJ Says

News photo

Tencent Doubles Buybacks to Over $12.8 Billion as Sales Miss

« Bend Studios' next project will be a "AAA live-service" game
Studio behind Spyro remakes and Crash Bandicoot 4 is reportedly working with Xbox on a new game »