FBI and CISA warn of state hackers exploiting critical Zoho bug

[correlate]

[correlate]

Level 18
Thread author
Top Poster
Well-known
May 4, 2019
801
Content source
https://www.bleepingcomputer.com/news/security/fbi-and-cisa-warn-of-state-hackers-exploiting-critical-zoho-bug/
The FBI, CISA, and the Coast Guard Cyber Command (CGCYBER) today warned that state-backed advanced persistent threat (APT) groups are actively exploiting a critical flaw in a Zoho single sign-on and password management solution since early August 2021.

Zoho's customer list includes "three out of five Fortune 500 companies," including Apple, Intel, Nike, PayPal, HBO, and many more.

The vulnerability tracked as CVE-2021-40539 was found in the Zoho ManageEngine ADSelfService Plus software, and it allows attackers to take over vulnerable systems following successful exploitation.
Click to expand...
www.bleepingcomputer.com

FBI and CISA warn of state hackers exploiting critical Zoho bug

The FBI, CISA, and the Coast Guard Cyber Command (CGCYBER) today warned that state-backed advanced persistent threat (APT) groups are actively exploiting a critical flaw in a Zoho single sign-on and password management solution since early August 2021.
www.bleepingcomputer.com www.bleepingcomputer.com
 
  • Like
Reactions: Gandalf_The_Grey, silversurfer, Nevi and 1 other person
You must log in or register to reply here.

Similar threads

[correlate]
    • Like
    • +Reputation
Hackers use in-house Zoho ServiceDesk exploit to drop webshells
Replies
1
Views
875
News Archive
LASER_oneXM
LASER_oneXM
silversurfer
    • Like
State hackers breach defense, energy, healthcare orgs worldwide
Replies
0
Views
640
News Archive
silversurfer
silversurfer
Gandalf_The_Grey
    • Like
    • +Reputation
    • Wow
Security News 22 Energy Firms Hacked in Largest Coordinated Attack on Denmark’s Critical Infrastructure
Replies
6
Views
1,832
Security News
oldschool
oldschool

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

Quick Navigation

Forum Rules Warning System Welcome Guide Two-factor Authentication

User Menu

Login

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top