Chinese Hacker Group APT41 Uses Recent Exploits To Target Companies Worldwide

By ISBuzz Team
Writer, Information Security Buzz | Mar 27, 2020 03:28 am PST

It has been reported that a Chinese cyberespionage group has been attacking organizations worldwide by exploiting vulnerabilities in popular business applications and devices from companies such as Cisco, Citrix and Zoho. In light of the ongoing COVID-19 crisis, the risk to companies is even greater, because IT staff are working remotely and the rush to accommodate work-from-home employees might leave business applications exposed to the internet without adequate protection.

2 Expert Comments
Richard Bejtlich, Principal Security Strategist
March 27, 2020 11:32 am

Intruders continue to target infrastructure, not just endpoints and servers. Defenders cannot ignore infrastructure devices like routers, switches, and VPN concentrators, assuming they are trustworthy and safe to use. Instrument those devices using network security monitoring tools and methods to ensure that your trust is well-placed.

Adam Palmer, Chief Cybersecurity Strategist
March 27, 2020 11:31 am

The activities of APT41 illustrate that the attack methods used by these notorious hacking groups aren’t particularly advanced. They still focus primarily on commonly exploited vulnerabilities. They just do this in an organised way – so rather than calling them advanced, maybe they should just be called organised persistent threats (OPTs). Rather than using zero-day attacks, they go after operating systems and programs known to have easily exploitable flaws. For the security leader, the lesson is that it doesn’t require an advanced defense to defeat these attacks. Basic cyber hygiene will still close most of the holes these criminals are trying to climb through.
