Rewterz Threat Alert – STOP (DJVU) Ransomware – Active IOCs

June 21, 2023

Rewterz Threat Alert – BlueNoroff APT Group – Active IOCs

June 21, 2023

Rewterz Threat Advisory – CVE-2023-35854 – Zoho ManageEngine ADSelfService Plus Vulnerability

June 21, 2023

Severity

Medium

Analysis Summary

CVE-2023-35854

Zoho ManageEngine ADSelfService Plus could allow a remote attacker to bypass security restrictions, caused by pmproper protection to the domain controller session token. By sending a specially crafted request, an attacker could exploit this vulnerability to bypass authentication and achieving the privileges of the domain controller administrator.

Impact

Security Bypass

Indicators Of Compromise

CVE

CVE-2023-35854

Affected Vendors

Zoho

Affected Products

Zoho ManageEngine ADSelfService Plus 6113

Remediation

Refer to ManageEngine Web site for the patch, upgrade, or suggested workaround information.

ManageEngine Web site

Rewterz Annual Threat Intelligence Report 2024 - Download Now

Rewterz Annual Threat Intelligence Report 2024 - Download Now

Platform

Managed Security Services

Managed Penetration Testing

Assess

Transform

Train

Respond

Resources

GitHub Tools Deployed in CrazyHunter Ransomware Campaigns – Active IOCs

North Korean APT Kimsuky aka Black Banshee – Active IOCs

Sophisticated BPFDoor Malware Detected Targeting Linux Systems – Active IOCs

Threat Insights

About Us

Our Leadership

CSR

Connect with Us

Rewterz Threat Alert – STOP (DJVU) Ransomware – Active IOCs

Rewterz Threat Alert – BlueNoroff APT Group – Active IOCs

The Wait Is Over!

The Rewterz Annual Threat Intelligence Report 2024 is finally here.