RedSeal Cyber Threat Series
The U.S. National Security Agency published a report detailing the top 25 vulnerabilities consistently being scanned, targeted, and exploited by Chinese state-sponsored hacking groups.
All 25 vulnerabilities are known and have patches available from their vendors.
Exploits for many vulnerabilities are available publicly and have been used by various malware and ransomware groups and other nation-state actors.
Of these 25, the first three CVEs that should be remediated, especially if open to an untrusted network, are:
- Citrix NetScaler CVE-2019-19781
- Windows RDP Exploit (aka BlueKeep) CVE-2019-0708
- Windows Zerologon CVE-2020-1472
RedSeal customers should:
Create and run daily reports until all systems with the 25 vulnerabilities are patched.
For additional details, contact your RedSeal sales representative or email firstname.lastname@example.org