Date: 2020-03-27

It has been reported that a Chinese cyberespionage group has been attacking organizations worldwide by exploiting vulnerabilities in popular business applications and devices from companies such as Cisco, Citrix and Zoho. In light of the ongoing COVID-19 crisis, the risk to companies is even greater, because IT staff are working remotely and the rush to accommodate work-from-home employees might leave business applications exposed to the internet without adequate protection.
EXPERTS COMMENTS
Adam Palmer, Chief Cybersecurity Strategist, Tenable
March 27, 2020
The activities of APT41 illustrate that the attack methods used by these notorious hacking groups aren’t particularly advanced. They still focus primarily on commonly exploited vulnerabilities. They just do this in an organised way – so rather than calling them advanced, maybe they should just be called organised persistent threats (OPTs). Rather than using zero-day attacks, they go after operating systems and programs known to have easily exploitable flaws. For the security leader, the lesson is that it doesn’t require an advanced defense to defeat these attacks. Basic cyber hygiene will still close most of the holes these criminals are trying to climb through.
