Senior decision-makers come together to connect around strategies and business trends affecting utilities.

Shared Link

NPCC Security Bulletin Publicly available: Zoho ManageEngine ServiceDesk Plus Vulnerability

Richard Brooks 101,116

Co-Founder and Lead Software Engineer Reliable Energy Analytics LLC

Dick Brooks is the inventor of patent 11,374,961: METHODS FOR VERIFICATION OF SOFTWARE OBJECT AUTHENTICITY AND INTEGRITY and the Software Assurance Guardian™ (SAG ™) Point Man™ (SAG-PM™) software...

Member since 2018
1,530 items added with 668,711 views

Contact

Profile

Dec 16, 2021Dec 16, 2021 3:28 pm GMT
451 views

Just what we needed on the heels of the Log4j vulnerability, another remote code execution (RCE) vulnerability - see link below.

It feels like we are drowning in vulnerabilities and the life rafts are scarce. The energy industry could benefit greatly by following the advice of EEI and require software vendors to provide SBOM's as apart of the procurement contract negotiations. Once an SBOM is in hand a software customer can follow the NATF Security Assessment Model and NIST SP 800-161 R2 Appendix F guidelines for supply chain risk assessment best practices using SBOM, see this Energy Central article for details.

Never trust software, always verify and report!™

NPCC Security Bulletin Publicly available: Zoho ManageEngine ServiceDesk Plus Vulnerability

Zoho ManageEngine ServiceDesk Plus Vulnerability On Thursday, December 2, 2021, the Cybersecurity & Infrastructure Security Agency (CISA) and Federal Bureau of Investigations (FBI) reported a new campaign targeting ManageEngine ServiceDesk Plus servers (on-premises) that are vulnerable to CVE-2021-44077. CVE-2021-44077 is an unauthenticated remote code execution vulnerability in ManageEngine ServiceDesk Plus affecting all versions of ServiceDesk Plus up to, and including, version 11305. Following initial exploitation of CVE-2021-44077 on a targeted system, the threat actors have been observed uploading executable files and placing web shells that enable post-exploitation activities such as compromising administrator credentials, conducting lateral movement, and exfiltrating registry hives and Active Directory files.

Source: www.npcc.org

cybersecurity

Discussions

Sign in to Participate

No discussions yet. Start a discussion below.

Thank Richard for the Post!

Energy Central contributors share their experience and insights for the benefit of other Members (like you). Please show them your appreciation by leaving a comment, 'liking' this post, or following this Member.

Follow Profile

Get Published - Build a Following

The Energy Central Power Industry Network is based on one core idea - power industry professionals helping each other and advancing the industry by sharing and learning from each other.

If you have an experience or insight to share or have learned something from a conference or seminar, your peers and colleagues on Energy Central want to hear about it. It's also easy to share a link to an article you've liked or an industry resource that you think would be helpful.

Start a Post » Learn more about posting on Energy Central »