[HackerNews] CISA Warns of Actively Exploited Zoho ManageEngine ADSelfService Vulnerability

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Wednesday issued a bulletin warning of a zero-day flaw affecting Zoho ManageEngine ADSelfService Plus deployments that is currently being actively exploited in the wild.
The flaw, tracked as CVE-2021-40539, concerns a REST API authentication bypass that could lead to arbitrary remote code execution (RCE). ADSelfService Plus

Source: Read More (The Hacker News)

You might be interested in …

[SecurityWeek] Hackers Claim to Have Stolen 60 GB of Data From Acer

All posts, Security Week

A group of hackers claims to have stolen more than 60 gigabytes of data after breaching servers belonging to Taiwanese tech giant Acer. In a post on a publicly accessible hacker forum, a group calling itself “Desorden” claimed to have stolen databases and other files from breached Acer India servers. read more Source: Read More […]

Read More

[ZDNet] This new ransomware has simple but very clever tricks to evade PC defenses

All posts, ZDNet

‘Up-and-coming’ ransomware strain is ramping up attacks. Source: Read More (Latest topics for ZDNet in Security)

Read More

Daily NCSC-FI news followup 2020-04-10

Large email extortion campaign underway, DON’T PANIC! www.bleepingcomputer.com/news/security/large-email-extortion-campaign-underway-dont-panic/ A large email extortion campaign is underway telling recipients that their computer was hacked and that a video was taken through the hacked computer’s webcam. The attackers then demand $1,900 in bitcoins or the video will be sent to family and friends. Ransomware scumbags leak Boeing, Lockheed […]

Read More

Leave a Reply

Your email address will not be published.

This site uses Akismet to reduce spam. Learn how your comment data is processed.