"China's Volt Typhoon Hackers Caught Exploiting Zero-Day in Servers Used by ISPs, MSPs"
Lumen Technologies found the Chinese Advanced Persistent Threat (APT) group "Volt Typhoon" exploiting a new zero-day in Versa Director servers to steal credentials and break into downstream customers' networks. The vulnerability was recently added to the US Cybersecurity and Infrastructure Security Agency's (CISA) must-patch list after Versa Networks confirmed the zero-day exploitation, warning that the Versa Director Graphical User Interface (GUI) could be hacked to plant malware on affected devices. Versa Director servers, heavily used by Internet Service Providers (ISPs) and Managed Service Providers (MSPs), are a critical and attractive target for threat actors looking to reach into enterprise network management. This article continues to discuss Volt Typhoon hackers' exploitation of a zero-day in servers used by ISPs and MSPs.
Submitted by grigby1