Since PaperCut NG provides a Configuration wizard, you should be able to make the necessary adjustments quite easily: set up a password, choose an organization type, specify the printing costs and select the user information source. However, to get started, you must first configure the application via the web setup wizard: from the PaperCut NG folder placed in your Applications directory select the “Admin Login.url” entry. PaperCut NG comes with its own installer and an uninstaller command that greatly streamline both procedures. Simple installation process and web-based system configuration PaperCut NG proposes a management system that can be accessed via any web browser and can be used to monitor all the printing devices connected to your network. On Monday, researchers with automated pentesting firm Horizon3 released its own proof-of-concept exploit code for the 9.8-rated vulnerability.ĬISA added the highest-severity CVE-2023-27350 flaw to its list of actively exploited vulnerabilities on Friday, ordering federal agencies to secure their systems against ongoing exploitation within three weeks by May 12.Keeping track of specific tasks performed by various printers connected to your network can prove to be quite challenging without the proper tools. Huntress said it created an unreleased proof-of-concept exploit to evaluate the threat posed by the two vulnerabilities. “Potentially, the access gained through PaperCut exploitation could be used as a foothold leading to follow-on movement within the victim network, and ultimately ransomware deployment.” “While the ultimate goal of the current activity leveraging PaperCut’s software is unknown, these links (albeit somewhat circumstantial) to a known ransomware entity are concerning,” Huntress wrote. Clop is also believed to have used Truebot as part of its mass-hack targeting customers of Fortra’s GoAnywhere file transfer tool. Huntress said that the attackers used the remote tools to plant malware known as Truebot, which is often used by the Russia-backed Clop gang before it deploys ransomware. Huntress said it has detected about 1,800 internet-exposed PaperCut servers. Since PaperCut’s confirmation of in-the-wild attacks, cybersecurity company Huntress said it observed hackers exploiting the vulnerabilities to plant legitimate remote management software - Atera and Syncro - to backdoor unpatched servers. “We highly recommend upgrading to one of these versions containing the fix. “Both of these vulnerabilities have been fixed in PaperCut MF and PaperCut NG versions 20.1.7, 21.2.11 and 22.0.9 and later,” the company said. The bug allows hackers to extract information about users stored within a customer’s PaperCut MF and NG servers, including usernames, full names, email addresses, department information and payment card numbers associated with the accounts. PaperCut also sounded the alarm about a separate but similar flaw in its software, tracked as CVE-2023-27351 with a vulnerability severity rating of 8.2 out of 10. The vulnerability, tracked as CVE-2023-27350, is scored 9.8 out of a possible 10 in vulnerability severity as it could allow an unauthenticated attacker to remotely execute malicious code on a server without needing credentials. In an advisory last week, PaperCut said that a critical vulnerability it patched earlier in March was under active attack against machines that had yet to install the security update. PaperCut’s website says it has over 100 million users from more than 70,000 organizations worldwide. PaperCut offers two print management products, PaperCut NG and PaperCut MF, used by local governments, large enterprises and healthcare and education institutions. Print management software maker PaperCut says attackers are exploiting a critical-rated security vulnerability to gain access to unpatched servers on customer networks.
0 Comments
Leave a Reply. |
Details
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |