1 min read
Articles of interest from the week of September 6, 2021
3 Metrics to Gauge Cybersecurity Program Health Imagine the United Nations General Assembly with no translators—and people speaking dozens of...
1 min read
New PaperCut Critical Bug Exposes Unpatched Servers to RCE Attacks
PaperCut recently fixed a critical security vulnerability in its NG/MF print management software that allows unauthenticated attackers to gain remote code execution on unpatched Windows servers.
Tracked as CVE-2023-39143, the flaw results from a chain of two path traversal weaknesses discovered by Horizon3 security researchers that enable threat actors to read, delete, and upload arbitrary files on compromised systems following low-complexity attacks that don't require user interaction. (BleepingComputer)
 |
| "Comprehending the capabilities and features of diverse software and products before deployment is now more critical than ever. While specific features can enhance usability and functionality, understanding the mechanics of these integrations and configuring them properly, or disabling them altogether if unnecessary, can assist in mitigating vulnerabilities such as this.” – Craig Flynn, SOC Analyst Lead at Ingalls Information Security |
Takeovers of MFA-Protected Accounts Increase, As Microsoft 365 Phishing Campaign Shows
The new phishing campaign targets business executives and uses EvilProxy to defeat multifactor authentication. (CSO)
Microsoft Patch Tuesday, August 2023 Edition
Microsoft Corp. recently issued software updates to plug more than 70 security holes in its Windows operating systems and related products, including multiple zero-day vulnerabilities currently being exploited in the wild. (Krebs on Security)
Over 120,000 Computers Compromised by Info Stealers Linked to Users of Cybercrime Forums
A "staggering" 120,000 computers infected by stealer malware have credentials associated with cybercrime forums, many of them belonging to malicious actors. (The Hacker News)
Whirlpool Malware Rips Open Old Barracuda Wounds
CISA has found yet another backdoor malware variant in compromised Barracuda systems with zero-day ESG vulnerability. Advanced persistent threat (APT) attacks targeting a former zero-day remote command injection vulnerability in Barracuda email security gateway (ESG) appliances have been detected by the US cybersecurity and infrastructure security agency. (CSO)
