SoylentNews

fliptop [soylentnews.org] writes:

Companies are advised to constantly update their apps and software, and patch known network vulnerabilities to prevent such attacks [theepochtimes.com]:

A ransomware group called “Ghost” is exploiting the network vulnerabilities of various organizations to gain access to their systems, according to a joint advisory issued by multiple U.S. federal agencies.

“Beginning early 2021, Ghost actors began attacking victims whose internet-facing services ran outdated versions of software and firmware,” the Cybersecurity and Infrastructure Security Agency (CISA) said in the Feb. 19 joint advisory. “Ghost actors, located in China, conduct these widespread attacks for financial gain.”

The attacks have targeted schools and universities, government networks, critical infrastructure, technology and manufacturing companies, health care, and several small and mid-sized businesses.

[...] The criminals use publicly available code to exploit “common vulnerabilities and exposures” of their targets to secure access to servers. They leverage vulnerabilities in servers running Adobe ColdFusion, Microsoft Exchange, and Microsoft SharePoint.

Also at BleepingComputer [bleepingcomputer.com].

Related:

• Chinese Salt Typhoon Hackers 1st Spotted on Federal Networks Under Another Name [soylentnews.org]
• U.S. Treasury Confirms It Was Breached by China-Backed Hackers [soylentnews.org]
• A 9th Telecoms Firm Has Been Hit by a Massive Chinese Espionage Campaign, the White House Says [soylentnews.org]
• U.S. Officials Urge Americans to Use Encrypted Apps Amid Unprecedented Cyberattack [soylentnews.org]
• T-Mobile Hacked in Massive Chinese Breach of Telecom Networks, WSJ Reports [soylentnews.org]

Original Submission