Researchers Uncover New High-Severity Vulnerability in PaperCut Software

Cybersecurity researchers have discovered a new high-severity security flaw in PaperCut print management software for Windows that could result in remote code execution under specific circumstances. Tracked as CVE-2023-39143 (CVSS score: 8.4), the flaw impacts PaperCut NG/MF prior to version 22.1.3. It has been described as a combination of a path traversal and file upload vulnerability. “

The end looms for Meta’s behavioural advertising in Europe

The EU is going toe to toe with Meta once more, with the social network giant conceding defeat yet again. After having taken Meta to task for various privacy violations and data breaches, Meta is now having to provide European users with a way to opt out of behavioural advertising. The threat of fines totalling […]

Microsoft Teams used in phishing campaign to bypass multi-factor authentication

Attackers believed to have ties to Russia’s Foreign Intelligence Service (SVR) are using Microsoft Teams chats as credential theft phishing lures. Microsoft Threat Intelligence has posted details about the perceived attacks targeted at fewer than 40 unique global organizations. The targeted organizations are mostly found among government, non-government organizations (NGOs), IT services, technology, discrete manufacturing, […]

Globally Used Points.com Loyalty System Hacked for Good

By Habiba Rashid Cybersecurity researcher Sam Curry and his team managed to hack Points.com before malicious threat actors could. This is a post from HackRead.com Read the original post: Globally Used Points.com Loyalty System Hacked for Good

NYC Couple Pleads Guilty to Money Laundering in $3.6 Billion Bitfinex Hack

A married couple from New York City has pleaded guilty to money laundering charges in connection with the 2016 hack of cryptocurrency stock exchange Bitfinex, resulting in the theft of about 120,000 bitcoin. The development comes more than a year after Ilya Lichtenstein, 35, and his wife, Heather Morgan, 33, were arrested in February 2022, following […]

Webinar – Making PAM Great Again: Solving the Top 5 Identity Team PAM Challenges

Privileged Access Management (PAM) solutions are widely acknowledged as the gold standard for securing critical privileged accounts. However, many security and identity teams face inherent obstacles during the PAM journey, hindering these solutions from reaching their full potential. These challenges deprive organizations of the resilience they seek, making it essential to address them

Malicious npm Packages Found Exfiltrating Sensitive Data from Developers

Cybersecurity researchers have discovered a new bunch of malicious packages on the npm package registry that are designed to exfiltrate sensitive developer information. Software supply chain firm Phylum, which first identified the “test” packages on July 31, 2023, said they “demonstrated increasing functionality and refinement,” hours after which they were removed and re-uploaded under different

Major Cybersecurity Agencies Collaborate to Unveil 2022’s Most Exploited Vulnerabilities

A four-year-old critical security flaw impacting Fortinet FortiOS SSL has emerged as one of the most routinely and frequently exploited vulnerabilities in 2022. “In 2022, malicious cyber actors exploited older software vulnerabilities more frequently than recently disclosed vulnerabilities and targeted unpatched, internet-facing systems,” cybersecurity and intelligence agencies from the Five