News Snapshot:
Microsoft has sent an alert about a sophisticated Chinese hacker group targeting an obscure bug in Zoho software to install a webshell. Microsoft Threat Intelligence Center (MSTIC) has detected exploits targeting systems running [Zoho ManageEngine ADSelfService Plus](javascript:void(0)) , a self-service password management and single sign-on solution, with the remote code execution bug tracked as [CVE-2021-40539](javascript:void(0)) . Zoho is best known as a popular software-as-a-service vendor, while ManageEngine is the company’s enterprise IT management software division. It’s a targeted malware campaign, so most Windows users shouldn’t need to worry about it, but Microsoft has [flagged the campaign](javascript:void(0)) , which it first...
