An unknown state-backed threat actor has allegedly expanded its attack efforts against cloud platform company Zoho and its ManageEngine ServiceDesk Plus software. The software is a help desk and asset management solution. In the past, the same adversary has targeted Zoho’s ADSelfService Plus. According to researchers, the APT has attacked 13 Zoho victims over the past several weeks, increasing its number of attacks from 9. Its most recent campaign was reported by Palo Alto Networks Unit 42 this week and echoes warnings in September by the FBI and the CISA of similar attacks. The targeting included an APT exploiting a zero-day vulnerability in the ADSelfService Plus software, but has now expanded to include ManageEngine ServiceDesk Plus.

Read more at – ADSelfService Plus – Threat Group Takes Aim Again at Cloud Platform Provider Zoho