How Attackers are Exploiting a Critical Flaw in Many Zoho ManageEngine Products

Cybercriminals are exploiting a critical flaw in many of the popular IT tools provided by software maker Zoho ManageEngine to carry out data breaches and cyber-attacks. The vulnerability was reported to the company late last year and affects a wide range of its services, including the on-premises and cloud versions of the company's Applications Manager, IT360, Network Configuration Manager, Desktop Central, and ServiceDesk Plus products. The vulnerability, which is being tracked as CVE-2021-28636, has been rated 9.8 out of 10 on the Common Vulnerability Scoring System, meaning it has a high severity and could be easily exploited by malicious actors.

According to security experts, attackers exploiting the flaw could gain access to the administrative interface, modify system features, issue commands and launch a wide range of malicious activities. They can create new users, modify accounts, gain admin access to the system, launch exploits, hijack sessions, and carry out other types of cyber-attacks such as data theft, phishing and network intrusions.

It is important that users of ManageEngine products update their systems with the latest patch to fix this issue and protect against malicious activity. Vulnerabilities of this kind are becoming increasingly common, and they can often lead to serious security breaches. It is therefore essential for organizations to practice robust network security habits and keep their cybersecurity infrastructure up to date. To reduce the chances of falling victim to a cyber-attack, it is also important to monitor systems for suspicious activity and to patch issues quickly.

This Cyber News was published on www.csoonline.com. Publication date: Mon, 23 Jan 2023 21:39:02 +0000


Cyber News related to How Attackers are Exploiting a Critical Flaw in Many Zoho ManageEngine Products

Managing Business Security with Zoho and ManageEngine Spray and Pray Attacks - Businesses of all sizes can face the threat of malicious attacks, including the "Spray and Pray" technique employed by attackers. This technique involves targeting large numbers of users or organizations with automated attacks in the hopes that at ...
1 year ago Securityweek.com
How To Secure Your ManageEngine Software from Known Exploited Vulnerabilities Catalog - Software providers and IT systems administrators are always looking for ways to keep their networks safe. The ever-evolving threat landscape and increasing sophistication of malicious hackers make security a key concern. Among the many technologies ...
1 year ago Securityaffairs.com
Critical Apache Log4j2 flaw still threatens global finance - Critical Apache Log4j2 flaw still threatens global finance. CISA adds Apache Flink flaw to its Known Exploited Vulnerabilities catalog. CISA adds GitLab flaw to its Known Exploited Vulnerabilities catalog. Russia-linked APT28 used post-compromise ...
4 months ago Securityaffairs.com
Zoho ManageEngine Flaw - Exploit and POC Details - A serious security flaw has been detected in Zoho ManageEngine, a widely used IT management solution and bug hunters have published a proof of concept (PoC) code on GitHub to demonstrate the exploit. ...
1 year ago Securityaffairs.com
Critical unauthenticated RCE flaw in OpenSSH server - MUST READ. Critical unauthenticated remote code execution flaw in OpenSSH server. Expert released PoC exploit code for Veeam Backup Enterprise Manager flaw CVE-2024-29849. CISA adds Oracle WebLogic Server flaw to its Known Exploited Vulnerabilities ...
3 months ago Securityaffairs.com
Juniper Networks fixed a critical authentication bypass flaw in some of its routers - MUST READ. Threat actors actively exploit D-Link DIR-859 router flaw CVE-2024-0769. CISA adds Oracle WebLogic Server flaw to its Known Exploited Vulnerabilities catalog. Russia-linked APT28 used post-compromise tool GooseEgg to exploit CVE-2022-38028 ...
3 months ago Securityaffairs.com
Threat actors actively exploit D-Link DIR-859 router flaw - MUST READ. Threat actors actively exploit D-Link DIR-859 router flaw CVE-2024-0769. Expert released PoC exploit code for Veeam Backup Enterprise Manager flaw CVE-2024-29849. CISA adds D-Link DIR router flaws to its Known Exploited Vulnerabilities ...
3 months ago Securityaffairs.com
Exploiting Zoho ManageEngine for Remote Code Execution - Security vulnerabilities in technology software are an ever-present threat to organisations. A prime example of this is the recently discovered vulnerability in the Zoho ManageEngine, a service used by organisations worldwide to manage IT operations. ...
1 year ago Securityaffairs.com
Patch Now: Attackers Pummel Critical, Easy-to-Exploit OwnCloud Flaw - Hackers are actively exploiting a critical flaw in the open source ownCloud platform that allows access to admin passwords, mail server credentials, and license keys, exposing their enterprise to data breaches or other types of malicious ...
10 months ago Darkreading.com
CISA Alerts of ManageEngine Critical Remote Code Execution Vulnerability - The Cybersecurity and Infrastructure Security Agency (CISA) has published an alert on a critical remote code execution (RCE) vulnerability in ManageEngine products and has warned all users to update their systems as soon as possible. ...
1 year ago Bleepingcomputer.com
High-severity flaw affects Cisco Firepower Management Center - CISA adds GitLab flaw to its Known Exploited Vulnerabilities catalog. CISA adds Cisco ASA and FTD and CrushFTP VFS flaws to its Known Exploited Vulnerabilities catalog. Critical Fortinet's FortiClient EMS flaw actively exploited in the wild. Hackers ...
4 months ago Securityaffairs.com
LockBit ransomware exploits Citrix Bleed in attacks, 10K servers exposed - The Lockbit ransomware attacks use publicly available exploits for the Citrix Bleed vulnerability to breach the systems of large organizations, steal data, and encrypt files. Although Citrix made fixes available for CVE-2023-4966 more than a month ...
10 months ago Bleepingcomputer.com
Exploits released for critical Jenkins RCE flaw, patch now - Multiple proof-of-concept exploits for a critical Jenkins vulnerability allowing unauthenticated attackers to read arbitrary files have been made publicly available, with some researchers reporting attackers actively exploiting the flaws in attacks. ...
8 months ago Bleepingcomputer.com
10 of the biggest zero-day attacks of 2023 - Here are 10 of the biggest zero-day attacks of 2023 in chronological order. Zero-day attacks started strong in 2023 with CVE-2023-0669, a pre-authentication command injection vulnerability in Fortra's GoAnywhere managed file transfer product. ...
9 months ago Techtarget.com
CERT-UA warns of malware campaign conducted by threat actor UAC-0006 - Threat actors may have exploited a zero-day in older iPhones, Apple warns. Microsoft fixed two zero-day bugs exploited in malware attacks. Threat actors actively exploit JetBrains TeamCity flaws to deliver malware. Recent DarkGate campaign exploited ...
4 months ago Securityaffairs.com
Opening Statement by CISA Director Jen Easterly - Chairman Gallagher, Ranking Member Krishnamoorthi, Members of the Committee, thank you for the opportunity to testify on CISA's efforts to protect the Nation from the preeminent cyber threat posed by the People's Republic of China. As America's ...
8 months ago Cisa.gov
North Korea-linked IT workers infiltrated hundreds of US firms - CISA adds Cisco ASA and FTD and CrushFTP VFS flaws to its Known Exploited Vulnerabilities catalog. Microsoft fixed two zero-day bugs exploited in malware attacks. HTTP/2 CONTINUATION Flood technique can be exploited in DoS attacks. BianLian group ...
4 months ago Securityaffairs.com
Hackers are exploiting critical Apache Struts flaw using public PoC - Hackers are attempting to leverage a recently fixed critical vulnerability in Apache Struts that leads to remote code execution, in attacks that rely on publicly available proof-of-concept exploit code. It appears that threat actors have just ...
9 months ago Bleepingcomputer.com
CVE-2016-82015 - #1: CVE-2016-82014: Operations Manager - An SQL injection flaw was reported to ManageEngine on 2014/08/19 by Andrea Micalizzi (rgod), affecting version 11.3 and 11.4 of ManageEngine OpManager, and said to be patched in version 11.5 on 2014/11/10. ...
54 years ago Tenable.com
CVE-2016-82014 - #1: CVE-2016-82014: Operations Manager - An SQL injection flaw was reported to ManageEngine on 2014/08/19 by Andrea Micalizzi (rgod), affecting version 11.3 and 11.4 of ManageEngine OpManager, and said to be patched in version 11.5 on 2014/11/10. ...
54 years ago Tenable.com
14 New DrayTek routers' flaws impacts over 700,000 devices in 168 countries - Multiple flaws in DrayTek ...
3 days ago Securityaffairs.com
Omdia: Standalone Security Products Outsell Cybersecurity Platforms - In its many briefings with cybersecurity vendors, one of the most consistent themes Omdia hears is why enterprises need cybersecurity platforms. Instead, vendors claim, enterprises could get better outcomes if they give up their multitude of ...
9 months ago Darkreading.com
