Cybersecurity Dive May 7, 2024
Matt Kapko

Espionage groups linked to China are heavily exploiting zero days, focusing on devices that lack endpoint detection and response capabilities, one expert said.

SAN FRANCISCO — China-linked attackers are exploiting zero-day vulnerabilities and using the defensive gaps in network security devices to gain persistent access to U.S. critical infrastructure organizations and enterprises, experts said Monday at the RSA Conference.

Espionage groups linked to China are identifying, researching and exploiting the most zero-day vulnerabilities out there, and they’re focusing on devices that typically don’t support endpoint detection and response, said Charles Carmakal, CTO at Mandiant Consulting, Google Cloud.

Network security devices, including routers, firewalls, VPNs and VMware hypervisors, don’t allow administrators to log into a device, view the operating system command...
