PaperCut recently fixed a critical security vulnerability in its NG/MF print management software that allows unauthenticated attackers to gain remote code execution on unpatched Windows servers.
Tracked as CVE-2023-39143, the flaw results from a chain of two path traversal weaknesses discovered by Horizon3 security researchers that enable threat actors to read, delete, and upload arbitrary files on compromised systems following low-complexity attacks that don't require user interaction. (BleepingComputer)
"Comprehending the capabilities and features of diverse software and products before deployment is now more critical than ever. While specific features can enhance usability and functionality, understanding the mechanics of these integrations and configuring them properly, or disabling them altogether if unnecessary, can assist in mitigating vulnerabilities such as this.”
– Craig Flynn, SOC Analyst Lead at Ingalls Information Security
The new phishing campaign targets business executives and uses EvilProxy to defeat multifactor authentication. (CSO)
Microsoft Corp. recently issued software updates to plug more than 70 security holes in its Windows operating systems and related products, including multiple zero-day vulnerabilities currently being exploited in the wild. (Krebs on Security)
A "staggering" 120,000 computers infected by stealer malware have credentials associated with cybercrime forums, many of them belonging to malicious actors. (The Hacker News)
CISA has found yet another backdoor malware variant in compromised Barracuda systems with zero-day ESG vulnerability. Advanced persistent threat (APT) attacks targeting a former zero-day remote command injection vulnerability in Barracuda email security gateway (ESG) appliances have been detected by the US cybersecurity and infrastructure security agency. (CSO)