State-sponsored hacking group targets Port of Houston using Zoho zero-day
A suspected state-sponsored hacking group has attempted to breach the network of the Port of Houston, one of the largest port authorities in the US, using a zero-day vulnerability in a Zoho user authentication appliance, CISA officials said in a Senate hearing today. Port officials said they successfully defended the attack, and “no operational data or systems were impacted as a result” of the attempted intrusion.
The investigation into the attack resulted in CISA, the FBI, and the Coast Guard sending a joint advisory on September 16 warning US organizations about attacks carried out by a nation-state hacking group using the Zoho zero-day. According to Matt Dahl, Principal Intelligence Analyst at security firm CrowdStrike, the zero-day had been used in attacks since late August.
[Source : therecord ]