China-based Attackers Abuse SolarWinds Zero-day Targeting Software Compaines And US Defence Orgs

Recently Microsft has revealed a vulnerability in SolarWinds Serv-U FTP servers allowing for the remote code execution, and tonight Microsoft has stated that the attacks abusing the vulnerability are likely attributed to a Chinese hacking group tracked as 'DEV-0322.' According to Microsoft's blog post, "this activity group is based in China and has been observed using commercial VPN solutions and compromised consumer routers in their attacker infrastructure." The group is currently targeting publicly exposed Serv-U FTP servers belonging to entities in the US Defense Industrial Base Sector and software companies. Read more...