* . *
  • About
  • Advertise
  • Privacy & Policy
  • Contact
Wednesday, July 15, 2026
Earth-News
  • Home
  • Business
  • Entertainment
    Accel Entertainment announces management changes – CDC Gaming

    Accel Entertainment Announces Thrilling New Leadership Changes

    M+C Saatchi NA launches entertainment arm as branded content booms – Marketing Dive

    M+C Saatchi NA Launches Exciting New Entertainment Division to Ride the Branded Content Wave

    Guggenheim raises Sphere Entertainment stock price target to $188 on venue outlook – Investing.com

    Guggenheim raises Sphere Entertainment stock price target to $188 on venue outlook – Investing.com

    Is a celebrity ‘sex pass’ ever a good idea? – news8000.com

    When Do Celebrity ‘Sex Passes’ Actually Work?

    Entertainment: Hop Over To Bastille Days – Urban Milwaukee

    Dive into the Excitement of Bastille Days in Milwaukee!

    July 11 Arts & Entertainment Highlights You Absolutely Can’t Miss

  • General
  • Health
  • News

    Cracking the Code: Why China’s Economic Challenges Aren’t Shaking Markets, Unlike America’s” – Bloomberg

    Trump’s Narrow Window to Spread the Truth About Harris

    Trump’s Narrow Window to Spread the Truth About Harris

    Israel-Gaza war live updates: Hamas leader Ismail Haniyeh assassinated in Iran, group says

    Israel-Gaza war live updates: Hamas leader Ismail Haniyeh assassinated in Iran, group says

    PAP Boss to Niger Delta Youths, Stay Away from the Protest

    PAP Boss to Niger Delta Youths, Stay Away from the Protest

    Court Restricts Protests In Lagos To Freedom, Peace Park

    Court Restricts Protests In Lagos To Freedom, Peace Park

    Fans React to Jazz Jennings’ Inspiring Weight Loss Journey

    Fans React to Jazz Jennings’ Inspiring Weight Loss Journey

    Trending Tags

    • Trump Inauguration
    • United Stated
    • White House
    • Market Stories
    • Election Results
  • Science
  • Sports
  • Technology
    Why Micron Technology Stock Rallied on Tuesday – Yahoo Finance

    Micron Technology Stock Soars in Tuesday’s Trading Session

    TTM Technologies Arrives at the 2026 Farnborough International Airshow – Yahoo Finance

    TTM Technologies Arrives at the 2026 Farnborough International Airshow – Yahoo Finance

    New 1st-in-Illinois technology available at OSF – WEEK | 25 News Now

    New 1st-in-Illinois technology available at OSF – WEEK | 25 News Now

    Goldman Sachs’ Insane SpaceX AI Forecast Has One Clear Winner: Micron Technology – 24/7 Wall St.

    Goldman Sachs’ Bold SpaceX AI Prediction Reveals One Clear Winner: Micron Technology

    Figure Technology Solutions (NASDAQ:FIGR) Cut to “Sell” at Wall Street Zen – MarketBeat

    Analysts Downgrade Figure Technology Solutions to “Sell” – What This Means for Investors

    Startup testing nuclear battery technology in orbit – SpaceNews

    Trending Tags

    • Nintendo Switch
    • CES 2017
    • Playstation 4 Pro
    • Mark Zuckerberg
No Result
View All Result
  • Home
  • Business
  • Entertainment
    Accel Entertainment announces management changes – CDC Gaming

    Accel Entertainment Announces Thrilling New Leadership Changes

    M+C Saatchi NA launches entertainment arm as branded content booms – Marketing Dive

    M+C Saatchi NA Launches Exciting New Entertainment Division to Ride the Branded Content Wave

    Guggenheim raises Sphere Entertainment stock price target to $188 on venue outlook – Investing.com

    Guggenheim raises Sphere Entertainment stock price target to $188 on venue outlook – Investing.com

    Is a celebrity ‘sex pass’ ever a good idea? – news8000.com

    When Do Celebrity ‘Sex Passes’ Actually Work?

    Entertainment: Hop Over To Bastille Days – Urban Milwaukee

    Dive into the Excitement of Bastille Days in Milwaukee!

    July 11 Arts & Entertainment Highlights You Absolutely Can’t Miss

  • General
  • Health
  • News

    Cracking the Code: Why China’s Economic Challenges Aren’t Shaking Markets, Unlike America’s” – Bloomberg

    Trump’s Narrow Window to Spread the Truth About Harris

    Trump’s Narrow Window to Spread the Truth About Harris

    Israel-Gaza war live updates: Hamas leader Ismail Haniyeh assassinated in Iran, group says

    Israel-Gaza war live updates: Hamas leader Ismail Haniyeh assassinated in Iran, group says

    PAP Boss to Niger Delta Youths, Stay Away from the Protest

    PAP Boss to Niger Delta Youths, Stay Away from the Protest

    Court Restricts Protests In Lagos To Freedom, Peace Park

    Court Restricts Protests In Lagos To Freedom, Peace Park

    Fans React to Jazz Jennings’ Inspiring Weight Loss Journey

    Fans React to Jazz Jennings’ Inspiring Weight Loss Journey

    Trending Tags

    • Trump Inauguration
    • United Stated
    • White House
    • Market Stories
    • Election Results
  • Science
  • Sports
  • Technology
    Why Micron Technology Stock Rallied on Tuesday – Yahoo Finance

    Micron Technology Stock Soars in Tuesday’s Trading Session

    TTM Technologies Arrives at the 2026 Farnborough International Airshow – Yahoo Finance

    TTM Technologies Arrives at the 2026 Farnborough International Airshow – Yahoo Finance

    New 1st-in-Illinois technology available at OSF – WEEK | 25 News Now

    New 1st-in-Illinois technology available at OSF – WEEK | 25 News Now

    Goldman Sachs’ Insane SpaceX AI Forecast Has One Clear Winner: Micron Technology – 24/7 Wall St.

    Goldman Sachs’ Bold SpaceX AI Prediction Reveals One Clear Winner: Micron Technology

    Figure Technology Solutions (NASDAQ:FIGR) Cut to “Sell” at Wall Street Zen – MarketBeat

    Analysts Downgrade Figure Technology Solutions to “Sell” – What This Means for Investors

    Startup testing nuclear battery technology in orbit – SpaceNews

    Trending Tags

    • Nintendo Switch
    • CES 2017
    • Playstation 4 Pro
    • Mark Zuckerberg
No Result
View All Result
Earth-News
No Result
View All Result
Home Technology

Chinese snoops use F5, ConnectWise bugs to sell access into top US, UK networks

March 23, 2024
in Technology
Chinese snoops use F5, ConnectWise bugs to sell access into top US, UK networks
Share on FacebookShare on Twitter

Chinese spies exploited a couple of critical-severity bugs in F5 and ConnectWise equipment earlier this year to sell access to compromised US defense organizations, UK government agencies, and hundreds of other entities, according to Mandiant.

The Google-owned threat hunters said they assess, “with moderate confidence,” that a crew they track as UNC5174 was behind the exploitation of CVE-2023-46747, a 9.8-out-of-10-CVSS-rated remote code execution bug in the F5 BIG-IP Traffic Management User Interface, and CVE-2024-1709, a path traversal flaw in ConnectWise ScreenConnect that scored a perfect 10 out of 10 CVSS severity rating.

UNC5174 uses the online persona Uteus, and has bragged about its links to China’s Ministry of State Security (MSS) – boasts that may well be true. The gang focuses on gaining initial access into victim organizations and then reselling access to valuable targets.

During the course of its investigation into the F5 and ConnectWise exploits, Mandiant found UNC5174 could indeed be working as a contractor for MSS as an initial access broker.

“The actor claimed MSS affiliation in dark web forums, claiming tacit backing of an unspecified MSS-related APT actor,” Mandiant’s Michael Raggi, Adam Aprahamian, Dan Kelly, Mathew Potaczek, Marcin Siedlarz, and Austin Larsen wrote in a Thursday threat-intel report. 

“Additionally, the impacted organizations targeted by UNC5174, including US defense and UK government entities, were targeted concurrently by distinct known MSS access brokers UNC302, which were previously indicted by the US Department of Justice in 2020,” the team added.

The Chinese crew uses custom software, as well as a remote command-and-control (C2) framework dubbed SUPERSHELL, to exploit F5’s BIG-IP bug in October and hijack devices from across the internet. After abusing this flaw to break into a host of networks, UNC5174 then tried to sell access to US defense contractor appliances, UK government entities, and institutions in Asia, it’s claimed.

Just last month, Mandiant noticed the same combination of tools, believed to be unique to this particular Chinese gang, being used to exploit the ConnectWise flaw and compromise “hundreds” or entities, mostly in the US and Canada.

Critical vulnerability in F5 BIG-IP under active exploitation

F5 hurriedly squashes BIG-IP remote code execution bug

Five Eyes tell critical infra orgs: Take these actions now to protect against China’s Volt Typhoon

Forget TikTok – Chinese spies want to steal IP by backdooring digital locks

Also between October 2023 and February 2024, UNC5174 exploited CVE-2023-22518 in Atlassian Confluence, CVE-2022-0185 in Linux kernels, and CVE-2022-3052, a Zyxel Firewall OS command injection vulnerability, according to Mandiant.

These campaigns included “extensive reconnaissance, web application fuzzing, and aggressive scanning for vulnerabilities on internet-facing systems belonging to prominent universities in the US, Oceania, and Hong Kong regions,” the threat intel team noted. 

The Beijing-backed attacker also apparently targeted think tanks in the US and Taiwan, but Mandiant says it doesn’t have enough evidence to determine successful exploitation.

After gaining access to their victims, the espionage crew creates admin accounts to run malicious commands after elevating privileges. This includes running a 64-bit ELF downloader Mandiant named SNOWLIGHT.

SNOWLIGHT, which is written in C and runs on Linux systems, brings Golang-based backdoors GOHEAVY and GOREVERSE onto compromised appliances. This allows miscreants to get in via reverse SSH shells, connect with the C2 infrastructure hosting SUPERSHELL, and download and execute more malicious code.

“China-nexus actors continue to conduct vulnerability research on widely deployed edge appliances like F5 BIG-IP and ScreenConnect to enable espionage operations at scale,” Mandiant warns.

UNC5174 in particular continues to pose a threat to “targets of strategic or political interest to the PRC,” the threat hunters said. Specifically, this includes academic, government, and NGO groups in the US, UK, Canada, Southeast Asia and Hong Kong.

See the Mandiant reports for indicators of compromise and other useful details for network defenders. ®

>>> Read full article>>>
Copyright for syndicated content belongs to the linked Source : The Register – https://go.theregister.com/feed/www.theregister.com/2024/03/22/china_f5_connectwise_unc5174/

Tags: Chinesesnoopstechnology
Previous Post

A ‘Devil Comet’ Is Coming for the Solar Eclipse

Next Post

Labor watchdog wants SpaceX’s gag clauses to disintegrate like its exploding rockets

NMSU launches state’s first Ph.D. program in wildlife and fisheries ecology – New Mexico State University

NMSU Launches New Mexico’s First Ph.D. Program in Wildlife and Fisheries Ecology

July 15, 2026
Marburg researchers decode one of nature’s largest enzymes – Wiley Analytical Science

Scientists Unveil the Mysteries Behind One of Nature’s Largest Enzymes

July 15, 2026
An Invitation to Scribble in the Margins of The Best Science Stories and How They Work – The Open Notebook

Discover the Most Fascinating Science Stories and the Secrets They Reveal

July 15, 2026
Program encourages healthy lifestyle changes – Yahoo

Transform Your Life: Discover the New Program That Ignites Lasting Healthy Habits

July 15, 2026
Bellingham, Messi Lead England-Argentina Rivalry’s Next Chapter – FOX Sports

Bellingham and Messi Spark an Electrifying New Era in the England-Argentina Rivalry

July 15, 2026
World Cup Didn’t Boost International Visitors In June—Here’s Why It Matters – Forbes

Why the World Cup Failed to Boost International Visitors in June-and What It Means for the Future

July 15, 2026
Accel Entertainment announces management changes – CDC Gaming

Accel Entertainment Announces Thrilling New Leadership Changes

July 15, 2026
Employee at Smyrna mental health facility arrested for raping underage patient, warrants reveal – 11Alive.com

Smyrna Mental Health Worker Arrested in Shocking Case Involving Underage Patient

July 15, 2026
‘The Kentucky Derby of politics’: Fancy Farm gears up for political showdown – The Paducah Sun

The Kentucky Derby of Politics: Fancy Farm Gears Up for a High-Stakes Showdown

July 15, 2026
Why Micron Technology Stock Rallied on Tuesday – Yahoo Finance

Micron Technology Stock Soars in Tuesday’s Trading Session

July 15, 2026

Categories

Archives

July 2026
M T W T F S S
 12345
6789101112
13141516171819
20212223242526
2728293031  
« Jun    
Earth-News.info

The Earth News is an independent English-language daily published Website from all around the World News

Browse by Category

  • Business (20,088)
  • Ecology (1,314)
  • Economy (1,335)
  • Entertainment (22,166)
  • General (22,627)
  • Health (10,359)
  • Lifestyle (1,349)
  • News (22,105)
  • People (1,339)
  • Politics (1,356)
  • Science (16,530)
  • Sports (21,797)
  • Technology (16,295)
  • World (1,329)

Recent News

NMSU launches state’s first Ph.D. program in wildlife and fisheries ecology – New Mexico State University

NMSU Launches New Mexico’s First Ph.D. Program in Wildlife and Fisheries Ecology

July 15, 2026
Marburg researchers decode one of nature’s largest enzymes – Wiley Analytical Science

Scientists Unveil the Mysteries Behind One of Nature’s Largest Enzymes

July 15, 2026
  • About
  • Advertise
  • Privacy & Policy
  • Contact

© 2023 earth-news.info

No Result
View All Result

© 2023 earth-news.info

No Result
View All Result

© 2023 earth-news.info

Go to mobile version