[HackerNews] Warning: Yet Another Zoho ManageEngine Product Found Under Active Attacks

Enterprise software provider Zoho on Friday warned that a newly patched critical flaw in its Desktop Central and Desktop Central MSP is being actively exploited by malicious actors, marking the third security vulnerability in its products to be abused in the wild in a span of four months.
<!–adsense–>
The issue, assigned the identifier CVE-2021-44515, is an authentication bypass vulnerability

Source: Read More (The Hacker News)

You might be interested in …

[ZDNet] Microsoft to release ‘Defender for Business’ platform

All posts, ZDNet

Once the tool is available, customers will be able to buy the platform directly from Microsoft as a standalone offering costing $3 per user per month. Source: Read More (Latest topics for ZDNet in Security)

Read More

Daily NCSC-FI news followup 2020-08-01

Offense and Defense A Tale of Two Sides: Group Policy and Logon Scripts www.fortinet.com/blog/threat-research/offense-defense-a-tale-of-two-sides-group-policy-and-logon-scripts In this blog, we will look at Group Policy Objects (GPO) in Windows operating systems. Specifically, how they can be used to deploy and execute malicious payloads on target machines within an Active Directory environment. We will also look at ways […]

Read More

[TheRecord] Russian security firm sinkholes part of the dangerous Meris DDoS botnet

Rostelecom-Solar, the cybersecurity division of Russian telecom giant Rostelecom, said on Monday that it sinkholed a part of the Meris DDoS botnet after identifying a mistake from the malware’s creators. First spotted earlier this year, the Meris botnet is currently the largest DDoS botnet on the internet, with an estimated size of around 250,000 infected systems. […]

Read More