all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

Multiple Agency Announcement on APT Actors Exploiting Zoho ManageEngine ADSelfService Plus (AA21-259A)

Add to bookmarks
Jan. 27, 2022, 5:56 a.m. |

FortiGuard Labs | FortiGuard Center - Threat Signal Report fortiguard.fortinet.com

On September 16th, the Cybersecurity and Infrastructure Security Agency (CISA), the Federal Bureau of Investigation (FBI), and United States Coast Guard Cyber Command (CGCYBER) released a new joint advisory titled - Alert (AA21-259A) APT Actors Exploiting Newly Identified Vulnerability in ManageEngine ADSelfService Plus. Zoho ManageEngine ADSelfService Plus version 6113 and prior is vulnerable to a REST API authentication bypass, which ultimately allows for remote code execution. The vulnerability has been assigned CVE-2021-40539.What Are the Technical Details of the Vulnerability?An authentication …

adselfservice adselfservice plus agency announcement apt manageengine zoho

Visit resource

More from fortiguard.fortinet.com / FortiGuard Labs | FortiGuard Center - Threat Signal Report

Tinyproxy use-after-free Vulnerability (CVE-2023-49606) 9 hours ago | fortiguard.fortinet.com
actor arbitrary code can code +21
ConnectWise ScreenConnect Vulnerabilities (CVE-2024-1708 and CVE-2024-1709) 1 day, 8 hours ago | fortiguard.fortinet.com
access advisory application attackers +29
GitLab Password Reset Vulnerability (CVE-2023-7028) 5 days, 14 hours ago | fortiguard.fortinet.com
account administrator attacker cisa +23
Ignite Realtime Openfire Path Traversal Vulnerability (CVE-2023-32315) 6 days, 14 hours ago | fortiguard.fortinet.com
CrushFTP VFS Sandbox Escape Vulnerability (CVE-2024-4040) 1 week ago | fortiguard.fortinet.com
attackers attacks cisa cisa known exploited vulnerabilities +27
ArcaneDoor Attack (CVE-2024-20353 and CVE-2024-20359) 1 week, 6 days ago | fortiguard.fortinet.com
adaptive security advisory april arcanedoor +22
Akira Ransomware Attack (CVE-2023-20269 and CVE-2020-3259) 1 week, 6 days ago | fortiguard.fortinet.com
access advisory akira akira ransomware +17
PAN-OS Critical Flaw in GlobalProtect Gateway (CVE-2024-3400) 3 weeks, 1 day ago | fortiguard.fortinet.com
advisory attack code code injection +27
XZ Utils Supply Chain Attack (CVE-2024-3094) 1 month ago | fortiguard.fortinet.com
attack code compression cve +25

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

Network Security Analyst

@ Wiz | Tel Aviv
View on infosec-jobs.com

Penetration Testing Staff Engineer- Turkey Remote

@ SonicWall | Istanbul, Istanbul, Türkiye
View on infosec-jobs.com

Physical Security Engineer

@ Microsoft | Atlanta, Georgia, United States
View on infosec-jobs.com

Junior Security Consultant (m/w/d)

@ Deutsche Telekom | Berlin, Deutschland
View on infosec-jobs.com

Senior Cybersecurity Product Specialist - Security Endpoint Protection

@ Pacific Gas and Electric Company | San Ramon, CA, US, 94583
View on infosec-jobs.com

Security Engineer, Pre-Sales (PA/NJ)

@ Vectra | US - South New Jersey, US - Pennsylvania
View on infosec-jobs.com
View more jobs