FBI and CISA warn of state hackers exploiting critical Zoho bug

I’ve used Zoho for my business in the past. I still come across it for things like support portals used by my suppliers. Worth checking if your supply chain could be using Zoho, and if they have mitigated the threat…:

[…] “The exploitation of ManageEngine ADSelfService Plus poses a serious risk to critical infrastructure companies, U.S.-cleared defense contractors, academic institutions, and other entities that use the software,” the joint advisory warns.

“Successful exploitation of the vulnerability allows an attacker to place webshells, which enable the adversary to conduct post-exploitation activities, such as compromising administrator credentials, conducting lateral movement, and exfiltrating registry hives and Active Directory files.”


Original Article