This is the third documented campaign attributed to this actor in less than a year, with the actor reusing the same infrastructure throughout these operations.
Numerous threat actors were detected abusing a critical CVE-2022-47966 RCE vulnerability affecting products from ManageEngine. Read our advisory.
Introduction On January 10, 2023, ManageEngine released a security advisory for CVE-2022-47966 (discovered by Khoadha of Viettel Cyber Security) affecting a wide range of products. The vulnerability allows an attacker to gain remote code execution by issuing a HTTP POST request containing a malicious SAML response. This vulnerability is a result of using an outdated […]
The Red Cross said the attack began on November 9 and involved an authentication bypass vulnerability in Zoho ManageEngine ADSelfService Plus.
Le comité international de la Croix-Rouge vient de confirmer que la cyberattaque dont il a été victime courant janvier a commencé par l’exploitation d’une vulnérabilité critique affectant un serveur Zoho ManageEngine, pour laquelle le correctif n’avait pas été appliqué.