Recherche : [ManageEngine]

Lazarus Group exploits ManageEngine vulnerability to deploy QuiteRAT https://blog.talosintelligence.com/lazarus-quiterat/

25/08/2023 08:39:04

This is the third documented campaign attributed to this actor in less than a year, with the actor reusing the same infrastructure throughout these operations.

Technical Advisory: Various Threat Actors Targeting ManageEngine Exploit CVE-2022-47966 https://businessinsights.bitdefender.com/tech-advisory-manageengine-cve-2022-47966

27/02/2023 21:05:45

Numerous threat actors were detected abusing a critical CVE-2022-47966 RCE vulnerability affecting products from ManageEngine. Read our advisory.

ManageEngine CVE-2022-47966 Technical Deep Dive https://www.horizon3.ai/manageengine-cve-2022-47966-technical-deep-dive/

20/01/2023 15:29:40

Introduction On January 10, 2023, ManageEngine released a security advisory for CVE-2022-47966 (discovered by Khoadha of Viettel Cyber Security) affecting a wide range of products. The vulnerability allows an attacker to gain remote code execution by issuing a HTTP POST request containing a malicious SAML response. This vulnerability is a result of using an outdated […]

Red Cross traces hack back to unpatched Zoho vulnerability https://www.zdnet.com/article/red-cross-traces-hack-back-to-zoho-vulnerability/

17/02/2022 08:48:33

The Red Cross said the attack began on November 9 and involved an authentication bypass vulnerability in Zoho ManageEngine ADSelfService Plus.

Cyberattaque : la Croix-Rouge confirme l’exploitation d’une vulnérabilité non corrigée https://www.lemagit.fr/actualites/252513510/Cyberattaque-la-Croix-Rouge-confirme-lexploitation-dune-vulnerabilite-non-corrigee

17/02/2022 08:46:33

Le comité international de la Croix-Rouge vient de confirmer que la cyberattaque dont il a été victime courant janvier a commencé par l’exploitation d’une vulnérabilité critique affectant un serveur Zoho ManageEngine, pour laquelle le correctif n’avait pas été appliqué.

Liens par page

Filtres