Tag

Papercut

All articles tagged with #papercut

cybersecurity2 years ago•2 min saved

Critical RCE Vulnerabilities Expose Unpatched Servers and MSMQ QueueJumper: Analysis

PaperCut's NG/MF print management software has fixed a critical security vulnerability (CVE-2023-39143) that allows unauthenticated attackers to execute remote code on unpatched Windows servers. The flaw stems from two path traversal weaknesses, enabling threat actors to manipulate files on compromised systems. While the vulnerability only affects non-default server configurations, it is estimated that most PaperCut installations have the affected setting enabled. Admins are advised to install security updates promptly or restrict access through IP allowlisting. Previously, PaperCut servers were targeted by ransomware gangs exploiting other vulnerabilities, leading to data theft and attacks by state-backed hacking groups.

via BleepingComputer|

#cybersecurity #papercut #rce-attacks

cybersecurity2 years ago•2 min saved

Bl00dy Ransomware Group Exploits PaperCut Vulnerability in Education Sector Attacks

The FBI and CISA have issued a joint advisory warning that the Bl00dy Ransomware gang is exploiting a PaperCut remote-code execution vulnerability to gain initial access to networks, with a focus on the education sector. The vulnerability has been under active exploitation since at least April 18, 2023, and organizations have been slow to install the update, allowing exposure to attacks. The Bl00dy ransomware operation launched in May 2022 and uses an encryptor based on the leaked LockBit source code. The recommended action is to apply the available security updates on PaperCut MF and NG servers.

via BleepingComputer|

#bl00dy-ransomware #cve-2023-27350 #cybersecurity