Monday, December 6, 2021

Threat actor DEV-0322 exploiting ZOHO ManageEngine ADSelfService Plus

Microsoft has detected exploits being used to compromise systems running the ZOHO ManageEngine ADSelfService Plus software versions vulnerable to CVE-2021-40539 in a targeted campaign. Microsoft Threat Intelligence Center (MSTIC) attributes this campaign with high confidence to DEV-0322, a group operating out of China, based on observed infrastructure, victimology, tactics, and procedures.

MSTIC previously highlighted DEV-0322 activity related to attacks targeting the SolarWinds Serv-U software…

Read More

Latest news
Related news