• Skip to primary navigation
  • Skip to main content
nGuard

nGuard

Call us p. 704.583.4088
  • Solutions
    • Security Assessments
    • Compliance
    • Cyber Security Incidence Response
    • Penetration Testing
    • Managed Event Collection
    • Vulnerability Management
    • Red Teaming
    • Mobile Security
    • Cloud Security
  • Industries
    • Healthcare
    • Energy
    • Information Technology
    • Manufacturing
  • About Us
    • Our Company
    • Careers
    • Blog
  • Contact
Client PortalSpeak to An Expert

Written by nGuard / November 11, 2021

Several Organizations Breached By Foreign Hackers

Share

On Monday, CNN reported that nine organizations spread across multiple sectors have been breached by what is believed to be foreign hackers. Palo Alto made it known to CNN that organizations within health care, technology, education, defense, and energy had all been the target of recent security breaches. It is also being reported that officials from the NSA and CISA are actively tracking the threat and working to mitigate it.

By exploiting a vulnerability in ManageEngine ADSelfService Plus which corporations utilize for password management and stealing those passwords from targeted organizations, attackers have been able to maintain persistent access on internal networks. This buys the attackers time to further their attack vectors and compromise more endpoints, as well as work to compromise high privilege accounts and increase their chances of accessing critical information. The official from Palo Alto that provided this information to CNN believe this is just the “tip of the spear” of the likely spying campaign that is taking place by foreign adversaries.

While it is currently unknown who is responsible for this attack, Palo Alto is reporting that many of the tactics and toolkits discovered are consistent with a suspected Chinese hacking group. The NSA and CISA, when asked to comment on the likely identity of these hackers, refused to comment. Officials from Palo Alto are stressing that it is extremely important to stay on top of software updates. Attackers are exploiting well known software vulnerabilities that could have been easily patched by the target organization. They are also encouraging organizations that utilize Zoho software to update their systems and search for signs of potential breach.

Vulnerable software is one of the top things attackers looks for when attempting to target an organization. Many times, these vulnerabilities and their corresponding exploits are widely known and easily preventable if you are aware of them. Conducting periodic penetration testing on both the external perimeter and internal network can prevent this vulnerabilities from being present in your environment. Additionally, having vulnerability scans run on a regular basis can make you aware of these critical vulnerabilities and your security team can eliminate them from the environment. 

Filed Under: Advisory, Compliance, Events, General, Products & Services, Vulnerabilities & Exploits

nGuard

nGuard

3540 Toringdon Way
Suite 200
Charlotte, NC 28277-4650

info@nGuard.com

Client Portal

Solutions

  • Security Assessments
  • Compliance
  • Cyber Security Incident Response
  • Penetration Testing
  • Managed Event Collection
  • nGuard Vulnerability Management
  • Mobile Security
  • Cloud Security

Industries

  • Energy
  • Healthcare
  • Manufacturing
  • Information Technology

About Us

  • Our Company
  • Careers
  • Blog

© 2023 nGuard. All rights reserved.

  • Privacy Policy