The Cybersecurity and Infrastructure Security Agency (CISA) has issued a warning regarding active exploitation of a high-severity vulnerability, CVE-2023-2533, within PaperCut NG/MF print management software, urging immediate patching for over 100 million users across 70,000 organizations.
CVE-2023-2533, a cross-site request forgery (CSRF) vulnerability patched in June 2023, enables remote code execution. Exploitation requires an attacker to trick an administrator, possessing a current login session, into clicking a maliciously crafted link, which can lead to altered security settings or arbitrary code execution. CISA has not released specific details concerning current attacks but has incorporated CVE-2023-2533 into its Known Exploited Vulnerabilities Catalog.
Federal Civilian Executive Branch (FCEB) agencies are mandated by the November 2021 Binding Operational Directive (BOD) 22-01 to patch this vulnerability by August 18. CISA advises all organizations, including those in the private sector, to prioritize patching, stating that such vulnerabilities are frequent attack vectors for malicious cyber actors and present significant risks to the federal enterprise.
Microsoft finds a major privacy flaw in Apple’s Spotlight search
Shadowserver, a non-profit security organization, currently identifies over 1,100 PaperCut MF and NG servers exposed online. Not all these servers are susceptible to CVE-2023-2533 attacks. While CISA has no evidence directly linking CVE-2023-2533 to ransomware attacks, PaperCut servers have been compromised by ransomware groups earlier in 2023. These prior breaches leveraged CVE-2023-27350, a critical unauthenticated remote code execution vulnerability, and CVE-2023-27351, a high-severity information disclosure flaw.
In April 2023, Microsoft associated attacks on PaperCut servers with the LockBit and Clop ransomware gangs, who utilized their access to steal corporate data. Approximately two weeks thereafter, Microsoft reported that Iranian state-backed hacking groups, identified as Muddywater and APT35, had also engaged in these attacks. These threat actors exploited the ‘Print Archiving‘ feature, which is designed to save documents routed through PaperCut printing servers.
CISA included CVE-2023-27350 in its catalog of actively exploited vulnerabilities on April 21, 2023, requiring U.S. federal agencies to secure their servers by May 12, 2023. One month later, CISA and the FBI jointly issued an advisory, indicating that the Bl00dy Ransomware gang had also commenced exploiting the CVE-2023-27350 RCE vulnerability to gain initial access to educational organizations’ networks.
Featured image credit
FAQs
Frequently Asked Questions
What is a Premium Domain Name? A premium domain name is the digital equivalent of prime real estate. It’s a short, catchy, and highly desirable web address that can significantly boost your brand's impact. These exclusive domains are already owned but available for purchase, offering you a shortcut to a powerful online presence. Why Choose a Premium Domain? Instant Brand Boost: Premium domains are like instant credibility boosters. They command attention, inspire trust, and make your business look established from day one. Memorable and Magnetic: Short, sweet, and unforgettable - these domains stick in people's minds. This means more visitors, better recall, and ultimately, more business. Outshine the Competition: In a crowded digital world, a premium domain is your secret weapon. Stand out, get noticed, and leave a lasting impression. Smart Investment: Premium domains often appreciate in value, just like a well-chosen piece of property. Own a piece of the digital world that could pay dividends. What Sets Premium Domains Apart? Unlike ordinary domain names, premium domains are carefully crafted to be exceptional. They are shorter, more memorable, and often include valuable keywords. Plus, they often come with a built-in advantage: established online presence and search engine visibility. How Much Does a Premium Domain Cost? The price tag for a premium domain depends on its desirability. While they cost more than standard domains, the investment can be game-changing. Think of it as an upfront cost for a long-term return. BrandBucket offers transparent pricing, so you know exactly what you're getting. Premium Domains: Worth the Investment? Absolutely! A premium domain is more than just a website address; it's a strategic asset. By choosing the right premium domain, you're investing in your brand's future and setting yourself up for long-term success. What Are the Costs Associated with a Premium Domain? While the initial purchase price of a premium domain is typically higher than a standard domain, the annual renewal fees are usually the same. Additionally, you may incur transfer fees if you decide to sell or move the domain to a different registrar. Can I Negotiate the Price of a Premium Domain?
In some cases, it may be possible to negotiate the price of a premium domain. However, the success of negotiations depends on factors such as the domain's demand, the seller's willingness to negotiate, and the overall market conditions. At BrandBucket, we offer transparent, upfront pricing, but if you see a name that you like and wish to discuss price, please reach out to our sales team.
How Do I Transfer a Premium Domain?
Transferring a premium domain involves a few steps, including unlocking the domain, obtaining an authorization code from the current registrar, and initiating the transfer with the new registrar. Many domain name marketplaces, including BrandBucket, offer assistance with the transfer process.
