FBI, CISA, Coast Guard Report Cyber Vulnerability in Password Management Platform

FBI, CISA, Coast Guard Report Cyber Vulnerability in Password Management Platform
BlackMatter Ransomware

The FBI, Coast Guard Cyber Command and the Cybersecurity and Infrastructure Security Agency (CISA) have jointly reported a cyber vulnerability in a self-service password management platform made by Zoho.

Cyber actors capitalizing on advanced persistent threats (APT) are likely to exploit a vulnerability found in Zoho's ManageEngine ADSelfService Plus, CISA said Thursday.

The vulnerability, when exploited, may risk critical U.S. infrastructure providers, universities, infrastructure companies, defense contractors and other users of the platform.

Cybercriminals have reportedly used the vulnerability to dump user credentials, decode information, steal database copies, delete users and perform other unauthorized activity.

The joint report, titled APT Actors Exploiting Newly Identified Vulnerability in ManageEngine ADSelfService Plus, features recommendations on how to mitigate the issue.

The three agencies are now conducting investigations and response efforts to address the malicious activities based on the vulnerability.

You may also be interested in...

Roxanne Taylor

Marketing & Communications Leader Roxanne Taylor Elected to Unisys Board of Directors

Unisys Corporation has elected Roxanne Taylor, who currently serves as the chief marketing and communications officer for New York’s Memorial Sloan Kettering Cancer Center, to its board of directors, effective October 18th. Taylor will leverage her three decades of experience in marketing, communications and brand leadership to help accelerate the progress of multiple brand awareness and culture initiatives across Unisys.