#1 Trusted Cybersecurity News Platform
Followed by 4.50+ million
The Hacker News Logo
Subscribe – Get Latest News
Cybersecurity

PaperCut | Breaking Cybersecurity News | The Hacker News

Category — PaperCut
Researchers Uncover New High-Severity Vulnerability in PaperCut Software

Researchers Uncover New High-Severity Vulnerability in PaperCut Software

Aug 05, 2023 Vulnerability / Software Security
Cybersecurity researchers have discovered a new high-severity security flaw in PaperCut print management software for Windows that could result in remote code execution under specific circumstances. Tracked as  CVE-2023-39143  (CVSS score: 8.4), the flaw impacts PaperCut NG/MF prior to version 22.1.3. It has been described as a combination of a path traversal and file upload vulnerability. "CVE-2023-39143 enables unauthenticated attackers to potentially read, delete, and upload arbitrary files to the PaperCut MF/NG application server, resulting in remote code execution in certain configurations," Horizon3.ai's Naveen Sunkavally  said . The cybersecurity firm said that file upload leading to remote code execution is possible when the external device integration setting is enabled, which is on by default in some installations of PaperCut. Earlier this April, another remote code execution vulnerability in the same product (CVE-2023-27350, CVSS score: 9.8) and an infor
Bl00dy Ransomware Gang Strikes Education Sector with Critical PaperCut Vulnerability

Bl00dy Ransomware Gang Strikes Education Sector with Critical PaperCut Vulnerability

May 12, 2023 Vulnerability / Ransomware
U.S. cybersecurity and intelligence agencies have warned of attacks carried out by a threat actor known as the  Bl00dy Ransomware Gang  that attempt to exploit vulnerable PaperCut servers against the education facilities sector in the country. The attacks took place in early May 2023, the Federal Bureau of Investigation (FBI) and Cybersecurity and Infrastructure Security Agency (CISA) said in a joint cybersecurity advisory issued Thursday. "The Bl00dy Ransomware Gang gained access to victim networks across the Education Facilities Subsector where PaperCut servers vulnerable to  CVE-2023-27350  were exposed to the internet," the agencies  said . "Ultimately, some of these operations led to data exfiltration and encryption of victim systems. The Bl00dy Ransomware Gang left ransom notes on victim systems demanding payment in exchange for decryption of encrypted files." Additionally, the Bl00dy actors are said to have used TOR and other proxies from within victim
Permiso State of Identity Security 2024: A Shake-up in Identity Security Is Looming Large

Permiso State of Identity Security 2024: A Shake-up in Identity Security Is Looming Large

Oct 23, 2024Identity Security / Data Protection
Identity security is front, and center given all the recent breaches that include Microsoft, Okta, Cloudflare and Snowflake to name a few. Organizations are starting to realize that a shake-up is needed in terms of the way we approach identity security both from a strategic but also a technology vantage point.  Identity security is more than just provisioning access  The conventional view of viewing identity security as primarily concerned with provisioning and de-provisioning access for applications and services, often in a piecemeal manner, is no longer sufficient. This view was reflected as a broad theme in the Permiso Security State of Identity Security Report (2024) , which finds that despite growing levels of confidence in the ability to identify security risk, nearly half of organizations (45%) remain "concerned" or "extremely concerned" about their current tools being able to detect and protect against identity security attacks.  The Permiso commissioned survey conducted o
Microsoft Warns of State-Sponsored Attacks Exploiting Critical PaperCut Vulnerability

Microsoft Warns of State-Sponsored Attacks Exploiting Critical PaperCut Vulnerability

May 09, 2023 Cyber Espionage / Vulnerability
Iranian nation-state groups have now joined financially motivated actors in actively exploiting a critical flaw in PaperCut print management software, Microsoft disclosed over the weekend. The tech giant's threat intelligence team said it observed both Mango Sandstorm (Mercury) and Mint Sandstorm (Phosphorus) weaponizing CVE-2023-27350 in their operations to achieve initial access. "This activity shows Mint Sandstorm's continued ability to  rapidly incorporate [proof-of-concept] exploits  into their operations," Microsoft  said  in a series of tweets. On the other hand, CVE-2023-27350 exploitation activity associated with Mango Sandstorm is said to be on the lower end of the spectrum, with the state-sponsored group "using tools from prior intrusions to connect to their C2 infrastructure." It's worth noting that  Mango Sandstorm  is linked to Iran's Ministry of Intelligence and Security (MOIS) and  Mint Sandstorm  is associated with the Islamic
cyber security

How To Comply With The Cyber Insurance MFA Checklist

websiteSilverfortCyber Insurance / Authentication
Learn how to comply with the checklist of resources requiring MFA coverage in cyber insurance policies.
Researchers Uncover New Exploit for PaperCut Vulnerability That Can Bypass Detection

Researchers Uncover New Exploit for PaperCut Vulnerability That Can Bypass Detection

May 04, 2023 Server Security / Vulnerability
Cybersecurity researchers have found a way to exploit a recently disclosed critical flaw in PaperCut servers in a manner that bypasses all current detections. Tracked as  CVE-2023-27350  (CVSS score: 9.8), the issue affects PaperCut MF and NG installations that could be exploited by an unauthenticated attacker to execute arbitrary code with SYSTEM privileges. While the flaw was  patched  by the Australian company on March 8, 2023, the first signs of active exploitation emerged on April 13, 2023. Since then, the vulnerability has been  weaponized  by multiple threat groups, including  ransomware actors , with post-exploitation activity resulting in the execution of PowerShell commands designed to drop additional payloads. Now, VulnCheck has  published  a proof-of-concept (PoC) exploit that sidesteps existing detection signatures by leveraging the fact that "PaperCut NG and MF offer multiple paths to code execution." It's worth noting that public exploits for the fla
Expert Insights / Articles Videos
Cybersecurity Resources