According to a blog post by Palo Alto Networks, enterprise software maker Zoho was targeted by hackers, possibly of Chinese origin, who exploited a vulnerability in its self-service password management tool, ManageEngine, from late September to early October.

Unit 42 of the US cybersecurity firm announced last week that the hackers were exploiting the known vulnerability to successfully infiltrate at least nine global organizations in critical sectors such as defense, energy, healthcare, education and technology.

The attack, which began on September 22nd and likely lasted through early October, targeted at least 370 Zoho ManageEngine servers in the United States.

Palo Alto Networks said the tactics and tools used in the attacks are similar to those of the Chinese hacking group Emissary Panda, although they have failed to validate the actor behind the campaign.

It said it discovered over 11,000 servers running Godzilla Webshell, the malware found in the …


Source link

Leave a Reply