Chinese threat actors have been spotted exploiting vulnerabilities in F5 BIG-IP devices, Citrix VPNs, Pulse Secure VPNs and Microsoft Exchange servers. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) claims the attacks were launched by threat actors affiliated with the Chinese Ministry of State Security. CISA and the FBI also recommend that organizations routinely audit their configuration and patch management programs to ensure they can track and mitigate emerging threats. The initial access vector for these cyberattacks vary. CISA said, maintaining a rigorous patching cycle continues to be the best defense against these attacks.
Source: https://threatpost.com/hackers-gov-microsoft-exchange-f5-exploits/159226/