Threat Group Takes Aim Again at Cloud Platform Provider Zoho

Attackers that previously targeted the cloud platform provider have shifted their focus to additional products in the company’s portfolio. State-backed adversaries expanded attacks against cloud platform company Zoho and its…

The In-house Zoho ServiceDesk Exploit Used to Drop Webshells

You may recall that we reported a while ago that state-backed advanced persistent threat (APT) organizations had been actively exploiting a significant hole in a Zoho single sign-on and password…

Patched Zoho Vulnerability Is Being Exploited by Hackers

Cyberattacks go on, this time threat actors focusing on a Zoho vulnerability, a critical flaw that has been recently patched. The bug under discussion was dubbed CVE-2021-40539 and could be…

Zoho Password Manager Flaw Torched by Godzilla Webshell

A new campaign is prying apart a known security vulnerability in the Zoho ManageEngine ADSelfService Plus password manager, researchers warned over the weekend. The threat actors have managed to exploit…

Hackers with Chinese links breach defense, energy targets, including one in US

Written by Tim Starks Nov 8, 2021 | CYBERSCOOP Suspected spies using similar tools and tactics to a Chinese government-connected hacking group compromised nine organizations in the defense, education, energy…