28 April 2023

6 min read

PaperCut announces critical application server vulnerabilities | Cyber Intelligence Briefing: 28 April

April 2023
PaperCut announces critical application server vulnerabilities | Cyber Intelligence Briefing: 28 April placeholder thumbnail

 

Top news stories this week

  1. Ouch! Print management software PaperCut issues urgent patches for critical vulnerabilities.
  2. Listed. Personal data leaked after Yellow Pages Canada is hit by ransomware attack.
  3. Waste control. Data from decommissioned systems present an overlooked cyber risk.
  4. By the book. New EU cyber legislation could result in increased costs to UK businesses.
  5. On the hook. Finnish court finds former CEO guilty of negligence after data breach.
  6. Space race. Satellite technology shown to be increasingly vulnerable to cyber attack.
 

1. PaperCut announces critical application server vulnerabilities

Print management software provider PaperCut has issued urgent patches for two critical vulnerabilities impacting its Application Server. The vulnerabilities allow for unauthenticated remote code execution and unauthenticated information disclosure. Ransomware groups Cl0p and Lockbit 3.0 have already exploited these vulnerabilities to gain access to corporate data.

So what?

Malicious actors quickly move to exploit new vulnerabilities and conduct attacks. Check if your systems are vulnerable and patch known vulnerabilities immediately.

 

 

New call-to-action

 

2. Black Basta publishes sensitive data from Yellow Pages Canada

Black Basta ransomware group has released personally identifiable information stolen from Yellow Pages Canada, including passport scans and social insurance numbers for employees and some customers, on their leak site. Yellow Pages has begun informing those who have been affected by the data breach.

So what?

Individuals impacted by a personal data breach can benefit from ongoing credit monitoring services to identify misuse of their data and reduce the risk of further harm.

 

 

 

3. Data from decommissioned systems present overlooked threat

Researchers have discovered that second-hand corporate networking equipment often still contains sensitive data. Having purchased a set of old routers they discovered complete configuration details plus data for allowing third-party network connections, which hackers could use to breach corporate environments.

Separately, the American Bar Association (ABA) confirmed that, during a cyber incident it suffered, a threat actor accessed login credentials for 1.4 million members from a legacy system decommissioned in 2018. According to the ABA, many members had reused these old credentials.

So what?

When decommissioning systems, it is essential to ensure secure data destruction and disposal, to avoid an unintentional data breach.

 
 

 

4. New EU cyber laws could result in increased costs to UK businesses

According to a UK parliamentary report, the European Union’s new Cyber Resilience Act (CRA), which introduces minimum security standards for internet-connected products, is likely to impact British businesses exporting to the European Union.

Other upcoming legislation to be aware of includes the Digital Operation Resilience Act (DORA), which will impose stringent new resilience requirements on EU financial services firms and their ICT service providers.

So what?

It is important to stay abreast of new legislation impacting cyber security, and ensure your organisation remains compliant across relevant jurisdictions.

 

 

5. CEO sentenced following data breach

A Finnish court issued a suspended jail sentence to the former CEO of Vastaamo, a chain of therapy clinics in Finland, for failing to protect patient data from a breach. The then-CEO did not inform authorities or other board members of two separate breaches at the clinic that saw patient notes leaked and clients extorted.

So what?

Executives may face personal liability for failing to safeguard sensitive data or implement the necessary cyber security measures.

 
 

 

6. Space technology becoming increasingly vulnerable to cyber attack

French defence contractor Thales conducted an authorised cyber attack on a European Space Agency satellite to raise awareness of satellite vulnerabilities. This follows recent comments made by the chief of the US Space Force that outlined an increasing number of threats affecting space technology, including China’s development of cyber capabilities that could seize control of satellites.

So what?

Incident response plans should provide for alternative communication channels in the event that normal communication channels are not available.

 
 

 

Cyber Intelligence Briefing

The S-RM Cyber Intelligence Briefing is a weekly round-up of the latest cyber security news, trends, and indicators, curated by our intelligence specialists.

To discuss this briefing or other industry developments, please reach out to one of our experts.

Authors

Kyle Schwaeble
Kyle Schwaeble
Senior Associate, Cyber Security

Kyle Schwaeble is a senior associate on S-RM’s cyber security team, bringing expertise in incident response management and, particularly, the secure restoration and recovery from cyber incidents such as ransomware attacks and business email compromises. In addition to his incident response work, Kyle has also supported multinational clients with their security transformation programmes, advising on the development and implementation of new technological, procedural, and cultural security controls.  

Kyle joined S-RM in 2019, initially working as an analyst in the Corporate Intelligence team, where he supported various corporate and diligence investigations. He holds a BCom(LLB) from Stellenbosch University in South Africa and is GSEC certified. 

James Tytler
James Tytler
Associate, Cyber Security

James Tytler is a cyber security associate in S-RM’s incident response team. In addition to responding to a wide range of cyber security incidents, he also supports clients with cyber threat intelligence services.

Before joining S-RM’s cyber security team, James worked at a London-based corporate intelligence firm, where he specialised in Middle Eastern subjects.

James has a BA in Arabic and Persian from the University of Cambridge, and an MA in International Security from Sciences Po Paris. He speaks fluent French.

Kyle Schwaeble
Kyle Schwaeble

Senior Associate, Cyber Security

James Tytler
James Tytler

Associate, Cyber Security

Share this post

Related insights

Cyber Briefing News

5 December 2023

8 min read

Property sales in limbo after IT service provider hack | Cyber Intelligence Briefing: 5 December
Read more
Cyber Briefing News

28 November 2023

7 min read

Cyber security executive attacks two hospitals as a ‘sales strategy’ | Cyber Intelligence Briefing: 28 November
Read more
Cyber Briefing News

21 November 2023

8 min read

Cyber budgets fail to meet expectations | Cyber Intelligence Briefing: 21 November
Read more
More insights

Subscribe to our insights

Get industry news and expert insights straight to your inbox.

Regular bulletins

Weekly
Cyber Intelligence Briefing

Our weekly analysis of the top cyber security news stories hitting the headlines.

Read more
Monthly
ESG Watch

Stay on top of the latest ESG regulations and policies from around the globe with our monthly bulletin.

Read more
Monthly
Red Flag Bulletin

Published monthly, our Red Flag Bulletin provides you with updates on the latest financial, corruption and integrity issues worldwide.

Read more
Monthly
Global Risk Bulletin

Each month, we provide in-depth analysis into the top geopolitical risks from around the globe.

Read more