menu
techminis

A naukri.com initiative

google-web-stories
Home

>

Technology News

>

French gov...
source image

Tech Radar

6d

read

304

img
dot

Image Credit: Tech Radar

French government hit by Chinese hackers exploiting Ivanti security flaws

  • Chinese state-sponsored threat actors exploited three zero-day vulnerabilities in Ivanti CSA solutions to access French government agencies and other commercial entities such as telcos, finance, and transportation organizations.
  • The attackers abused the vulnerabilities to steal login credentials and establish persistence on target endpoints, using techniques like deploying PHP web shells and installing kernel modules acting as a rootkit.
  • The attacks were attributed to a group named Houken, known for exploiting vulnerabilities in SAP NetWeaver previously, and sold the gained access to French government devices, believed to be targeting valuable intelligence and sensitive data.
  • The French National Agency for the Security of Information Systems (ANSSI) confirmed the breaches, linking the attacks to Chinese state-sponsored actors, while noting the group Houken had targeted various sectors beyond Western entities.

Read Full Article

like

18 Likes

For uninterrupted reading, download the app