Several nation-state actors are using security holes in Fortinet FortiOS SSL-VPN and Zoho ManageEngine ServiceDesk Plus to obtain unauthorized access and establish persistence on compromised systems, the U.S. Cybersecurity and Infrastructure Security Agency (CISA) warned on Thursday.
According to a joint alert released by the agency, the Federal Bureau of Investigation (FBI), and Cyber National Mission Force (CNMF), “Nation-state advanced persistent threat (APT) actors exploited CVE-2022-47966 to gain unauthorized access to a public-facing application (Zoho ManageEngine ServiceDesk Plus), establish persistence, and move lateral through the network.”
The identity of the threat organizations responsible for the attacks have not been made public, but the U.S. Cyber Command (USCYBERCOM) has made hints that Iranian nation state troops may have been involved read more Nation State Hackers Exploit Fortinet and Zoho Vulnerabilities.
Stay informed with the best cybersecurity news and raise your cybersecurity awareness with our comprehensive coverage of the latest threats, breaches, and solutions.