URGENT! Patch PaperCut today to block ransomware and hacking

  • Designer
  • May 26, 2023
  • 5 minutes of reading
  • Edited 8 months ago

Table of Contents

Bottom Line Up Front     If you use PaperCut,  patch immediately to prevent ransomware and malicious exploitation. 

If you use PaperCut, it is advised that you install the most recent patch now to prevent further exploitation. A group of known threat actors has found a vulnerability with the common print management software PaperCut which is used by large institutions, companies, and organizations and by hundreds of millions of people from over 100 countries.

  • CVE-2023–27350 / ZDI-CAN-18987 / PO-1216: Unauthenticated remote code execution flaw impacting all PaperCut MF or NG versions 8.0 or later on all OS platforms, for both application and site servers. (CVSS v3.1 score: 9.8 – critical)
  • CVE-2023–27351 / ZDI-CAN-19226 / PO-1219: Unauthenticated information disclosure flaw impacting all PaperCut MF or NG versions 15.0 or later on all OS platforms for application servers. (CVSS v3.1 score: 8.2 – high)

As early as April 11th but officially on April 13th, hackers known as Lace Tempest (previously DEV-0950) associated with CIOp (“Clop” and LockBit ransomware gangs as with past association with other known financially motivated threat actors FIN11, TA505, and Evil Corp exploited a vulnerability allowing TrueBot ransomware to gain access to archived print jobs and user information through the MegaSync file sharing application.  This type of attack was recently used to exploit Fortra’s GoAnywhere MFT earlier this year.

Since the PaperCut exploits are very fresh, many of the affected organizations might not be aware that ransomware syndicates are snooping within their IT environments.

– CyberNews April 27th, 2023

Staying in front of these emerging threats can be overwhelming, if it is, allow us to help.

About iLLÜM Advisors

At iLLÜM we are passionate about helping our clients overcome IT challenges without simply throwing money at additional technology point solutions. We accomplish this by enabling their existing IT teams to deliver transformative solutions with velocity and improve cyber risk postures.

Our team of senior IT leaders, project managers, and industry-leading IT management platform help organizations tackle their most pressing IT challenges. All our service options are provided on month-to-month subscriptions, so organizations of all sizes can receive expert IT guidance and project management on-demand, within budget, and without the costs associated with long-term commitments.

Ready to Talk? – iLLÜM ADVISORS (illumadvisors.com)

or

Schedule a free 20 Minute Call! 

About iLLÜM Advisors

Share this article with a friend

G.S.D.
Get. Success. Delivered.

  • Aligned
  • Accelerated
  • Budgeted
  • Governed
  • Secured
  • Transparent

We respond within 24 hours

iLLUM understands that IT is the framework upon which an entire business operates. In order to match the level of responsiveness our customers require for IT issues, iLLUM has invested heavily in developing customer platforms that allow us to onboard new clients in a matter of hours. If you reach out to us, we will respond and make ourselves available to meet within 24 hours.

Subscribe to our monthly newsletter

iLLÜM was founded to serve organizations that need clear visibility in the areas of IT leadership, program management, and their exposure to risk.

Quick Links
Important Links
Let’s Connect!
Connect with entrepreneurs, build your network, make great business.
Twitter
Facebook
Linkedin
  • Phone
  • Mail
  • WhatsApp
  • Messenger
× Send
Copyright © 2024 by IlUM Advisors

Powered by Webtec

Create an account to access this functionality.
Discover the advantages