An APT group is leveraging a critical vulnerability (CVE-2021-44077) in Zoho ManageEngine ServiceDesk Plus to compromise organizations in a variety of sectors, including defense and tech. “Successful exploitation of the vulnerability allows an attacker to upload executable files and place webshells, which enable the adversary to conduct post-exploitation activities, such as compromising administrator credentials, conducting lateral movement, and exfiltrating registry hives and Active Directory files,” the Cybersecurity and Infrastructure Security Agency (CISA) warns. About CVE-2021-44077 … More
The post Persistent APT is exploiting ManageEngine ServiceDesk Plus vulnerability (CVE-2021-44077) appeared first on Help Net Security.
Source: help net security.com