News: ManageEngine MSP Has Critical Security Flaw
ManageEngine Desktop Central MSP, a popular tool for managed service providers (MSPs), has a critical security flaw. The vulnerability is currently being exploited by bad acters. ManageEngine has issued a security patch, and all users are advised to download it immediately. ManageEngine has also released a tool to inspect a user’s PC for signs of exploitation.
ManageEngine creates IT management software that is used by hundreds of thousands of companies across the globe. This attack is emblematic of a rising regularity of attacks against MSPs and other third parties.
If your organization has been affected, ManageEngine recommends the following:
Initiate a password reset for all services, accounts, Active Directory, etc. that has been accessed from the service installed machine. It is better if AD administrator passwords are also reset.
Accume takes this moment to remind its client’s that “Right to Audit” is a crucial component of 3rd party risk management. Managing third party risk is an increasingly crucial part of modern enterprise risk management. Click here to speak to an expert.