LINK Zoho’s ManageEngine product seems to always be under attack. They just released a new CRITICAL update. Please update your installation.
LINK his joint advisory is the result of analytic efforts between the Federal Bureau of Investigation (FBI) and the Cybersecurity and Infrastructure Security Agency (CISA) to highlight the cyber threat associated with active exploitation of a newly identified vulnerability (CVE-2021-44077) in Zoho ManageEngine ServiceDesk Plus—IT help desk software with asset management.
LINK Microsoft is tracking active attacks against Zoho ManageEngine ADSelfService Plus using a RCE, CVE-2021-40539
LINK Zoho has updated their ADSelfService Plus software as it has been found to contain an RCE.