Zoho/Godzilla
Threat Update

BITTE ANPASSEN

MODIFIER

EDITAR

EDITAR

EDIT ME

내 정보 수정

编辑本内容

編輯我

EDITAR

EDITAR

Unit 42 on-demand briefing

BITTE ANPASSEN

MODIFIER

EDITAR

EDITAR

내 정보 수정

编辑本内容

編輯我

EDITAR

Update on the Targeted Attack Campaign

BITTE ANPASSEN

MODIFIER

EDITAR

EDITAR

내 정보 수정

编辑本内容

編輯我

EDITAR

In September 2021, the Unit 42 team observed a sophisticated attack campaign where threat actors scanned for organizations that had not yet patched a vulnerability in Zoho’s ManageEngine product, ADSelfService Plus. They then targeted high-interest networks for network access and information exfiltration. This attack compromised at least nine organizations in the defense, energy, healthcare and education sectors in the US and other countries.

After compromising a network, the threat actor quickly moved laterally to gain access to additional systems. Once there, they deployed several tools to gather and exfiltrate sensitive information.

We also observed some correlations between the tactics and tooling used in the analyzed cases and those of a known China-based threat group. 

Join Jen Miller-Osborn, deputy director for Unit 42 threat research, in this on-demand webinar to learn:

  • Key findings following the initial exploitation
  • Threat actors’ primary goals, tactics and tools used
  • The overall impact on affected organizations and customers
  • Recommended remediation actions for this campaign
  • How Palo Alto Networks can help your organization become more resilient
LP-3 Sec 1 Content
LP-3 Sec 1 Content
LP-3 Sec 1 Content
LP-3 Sec 1 Contenido
LP-3 Sec 1 Content
LP-3 安全 1 内容
LP-3 第 1 節的內容
LP-3 Sec 1 Contenido
LP-3 Sec 1 Content

Zoho/Godzilla
threat update

BITTE ANPASSEN

MODIFIER

EDITAR

EDITAR

내 정보 수정

编辑本内容

編輯我

EDITAR

EDITAR