State hackers breach defense, energy, healthcare orgs worldwide
Cybersecurity firm Palo Alto Networks warned over the weekend of an ongoing hacking campaign that has already resulted in the compromise of at least nine organizations worldwide from critical sectors, including defense, healthcare, energy, technology, and education.
To breach the organizations' networks, the threat actors behind this cyberespionage campaign exploited a critical vulnerability in Zoho's enterprise password management solution, ManageEngine ADSelfService Plus. The flaw allows remote code execution on unpatched systems without authentication.
"While we lack insight into the totality of organizations that were exploited during this campaign, we believe that, globally, at least nine entities across the technology, defense, healthcare, energy and education industries were compromised," the researchers said.
"Through global telemetry, we believe that the actor targeted at least 370 Zoho ManageEngine servers in the United States alone. Given the scale, we assess that these scans were largely indiscriminate in nature as targets ranged from education to Department of Defense entities."
Palo Alto Networks' report also includes analysis from US Government partners, including NSA's Cybersecurity Collaboration Center, a component designed to prevent and block foreign cyber threats to National Security Systems, the Department of Defense, and the Defense Industrial Base with the help of private industry partners.
In early March, APT27 was also linked to attacks exploiting critical bugs to achieve remote code execution without authentication on unpatched on-premises Microsoft Exchange servers worldwide.