Patches have been issued by PaperCut for a critical security flaw impacting its NG/MF print management software, which could be exploited to facilitate remote code execution on vulnerable Windows servers, BleepingComputer reports.
Windows servers in non-default configurations that have an activated external device integration setting are affected by the vulnerability, tracked as CVE-2023-39143, which stems from the combination of path traversal bugs, according to Horizon3, which discovered the vulnerability.
"Based on sample data we have collected at Horizon3 from real-world environments, we estimate that the vast majority of PaperCut installations are running on Windows with the external device integration setting turned on," said Horizon3, which said that external device integration is on by default in PaperCut MF and PaperCut NG Commercial version.
Such a fix comes after the earlier exploitation of two other PaperCut vulnerabilities, tracked as CVE-2023-27350 and CVE-2023-27351, in attacks that Microsoft has attributed to the LockBit and Cl0p ransomware operations, as well as the Iranian state-sponsored threat groups APT35 and Muddywater.
Utilization of Slack will be halted across most of Disney's businesses by the end of the year, said Disney Chief Financial Officer Hugh Johnston in a report in the Status media newsletter.
Attacks involved the utilization of Amazon S3 bucket and Content Delivery Network-hosted sites spoofing Google CAPTCHA pages and other verification sites, which include instructions that trigger a malicious PowerShell command downloading Lumma Stealer and proceeding with the exfiltration of sensitive device data.
Some of the 340 GB of sensitive data purportedly stolen from the City of Pleasanton, including names, birthdates, credit card numbers, and other personal and corporate financial information, have already been exposed by Valencia.