Blog | G5 Cyber Security

Podcast: Could the Zoho Flaw Trigger SolarWinds 2.0?

Companies are worried that the highly privileged password app could let attackers deep inside an enterprises footprint. FBI, CISA and U.S. Coast Guard Cyber Command warned that state-backed advanced persistent threat (APT) actors are likely among those whod been actively exploiting a critical flaw in a Zoho-owned single sign-on and password management tool since early August. At issue was a critical authentication bypass vulnerability in Zoho ManageEngine ADSelfService Plus platform that could lead to remote code execution.”]

Source: https://threatpost.com/podcast-zoho-solarwinds/175553/

Exit mobile version