"Iranian Hackers Breach US Aviation Org via Zoho, Fortinet Bugs"

The US Cybersecurity and Infrastructure Security Agency (CISA), the FBI, and the US Cyber Command (USCYBERCOM) published a joint advisory revealing that state-sponsored hacking groups exploited critical Zoho and Fortinet vulnerabilities to compromise a US aeronautical organization. The threat groups responsible for this breach have not yet been identified, but while the joint advisory did not attribute the attackers to a specific state, USCYBERCOM's press release connects them to Iranian exploitation efforts. CISA participated in the incident response between February and April and reported that the hacking groups had been inside the compromised aviation organization's network since at least January after hacking an Internet-exposed server running Zoho ManageEngine ServiceDesk Plus and a Fortinet firewall. This article continues to discuss key findings from the joint cybersecurity advisory on Iranian exploitation efforts that have impacted a US aeronautical organization. 

Bleeping Computer reports "Iranian Hackers Breach US Aviation Org via Zoho, Fortinet Bugs"