SynopsisPeopleSoft ​is an enterprise resource planning suite used by organizations to manage ​core business functions including human resources, finance and supply-chain operations.Alphabet's cybersecurity unit Mandiant and Google Threat Intelligence Group said Thursday they had identified an active compromise and extortion campaign targeting Oracle's PeopleSoft enterprise software, which they attributed to the hacking group ShinyHunters.The campaign took ‌place between ⁠May ⁠27 and June 9, Google said in a blog.PeopleSoft ​is an enterprise resource planning suite used by organizations to manage ​core business functions including human resources, finance and supply-chain operations.After becoming aware of active scanning ​and exploitation, Google said it ⁠notified more ‌than 100 organizations whose IP addresses ​correlated with ​potentially vulnerable endpoints. Most were based ⁠in the U.S., and 68% were in ​the higher education sector.Researchers found that the ​attackers hosted customized MeshCentral agents disguised as legitimate cloud endpoints, which were used to run administrative command queries.As the activity occurred before Oracle issued a security advisory on June 10, ‌the hackers were able to exploit the vulnerability as a "zero-day" flaw, meaning there ​was ​no patch available ⁠at the time of the attacks.ShinyHunters is a hacking group with a history of targeting global companies ​for extortion. Last month, the group struck a deal with Instructure, the parent company of education tool Canvas, to secure stolen student and school data. ...moreElevate your knowledge and leadership skills at a cost cheaper than your daily tea.Subscribe Now