Bottom Line Up Front If you use PaperCut, patch immediately to prevent ransomware and malicious exploitation.
If you use PaperCut, it is advised that you install the most recent patch now to prevent further exploitation. A group of known threat actors has found a vulnerability with the common print management software PaperCut which is used by large institutions, companies, and organizations and by hundreds of millions of people from over 100 countries.
- CVE-2023–27350 / ZDI-CAN-18987 / PO-1216: Unauthenticated remote code execution flaw impacting all PaperCut MF or NG versions 8.0 or later on all OS platforms, for both application and site servers. (CVSS v3.1 score: 9.8 – critical)
- CVE-2023–27351 / ZDI-CAN-19226 / PO-1219: Unauthenticated information disclosure flaw impacting all PaperCut MF or NG versions 15.0 or later on all OS platforms for application servers. (CVSS v3.1 score: 8.2 – high)
As early as April 11th but officially on April 13th, hackers known as Lace Tempest (previously DEV-0950) associated with CIOp (“Clop” and LockBit ransomware gangs as with past association with other known financially motivated threat actors FIN11, TA505, and Evil Corp exploited a vulnerability allowing TrueBot ransomware to gain access to archived print jobs and user information through the MegaSync file sharing application. This type of attack was recently used to exploit Fortra’s GoAnywhere MFT earlier this year.
Since the PaperCut exploits are very fresh, many of the affected organizations might not be aware that ransomware syndicates are snooping within their IT environments.
– CyberNews April 27th, 2023
Staying in front of these emerging threats can be overwhelming, if it is, allow us to help.
About iLLÜM Advisors
At iLLÜM we are passionate about helping our clients overcome IT challenges without simply throwing money at additional technology point solutions. We accomplish this by enabling their existing IT teams to deliver transformative solutions with velocity and improve cyber risk postures.
Our team of senior IT leaders, project managers, and industry-leading IT management platform help organizations tackle their most pressing IT challenges. All our service options are provided on month-to-month subscriptions, so organizations of all sizes can receive expert IT guidance and project management on-demand, within budget, and without the costs associated with long-term commitments.