all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

Blacktail Threat Actor Exploits PaperCut Vulnerability (CVE-2023-27350) to Distribute Buhti Ransomware

Add to bookmarks
May 27, 2023, 12:20 a.m. |

FortiGuard Labs | FortiGuard Center - Threat Signal Report fortiguard.fortinet.com

FortiGuard Labs is aware of a report that the Blacktail threat actor exploited the recently patched PaperCut vulnerability (CVE-2023-27350) to distribute the Windows version of Buhti ransomware. The IBM Aspera Faspex code execution vulnerability (CVE-2022-47986) is also being reportedly exploited by the same threat actor.Why is this Significant?This is significant because the Blacktail threat actor reportedly exploited the recently patched PaperCut vulnerability to deploy the Windows version of Buhti ransomware. As such the patch should be applied as soon as …

actor aspera aspera faspex aware code code execution cve cve-2022-47986 cve-2023-27350 exploited exploits faspex ibm labs papercut papercut vulnerability ransomware report threat threat actor version vulnerability windows

Visit resource

More from fortiguard.fortinet.com / FortiGuard Labs | FortiGuard Center - Threat Signal Report

ArcaneDoor Attack (CVE-2024-20353 and CVE-2024-20359) 1 day, 11 hours ago | fortiguard.fortinet.com
adaptive security advisory april arcanedoor +22
Akira Ransomware Attack (CVE-2023-20269 and CVE-2020-3259) 1 day, 12 hours ago | fortiguard.fortinet.com
access advisory akira akira ransomware +17
PAN-OS Critical Flaw in GlobalProtect Gateway (CVE-2024-3400) 1 week, 3 days ago | fortiguard.fortinet.com
advisory attack code code injection +27
XZ Utils Supply Chain Attack (CVE-2024-3094) 3 weeks, 1 day ago | fortiguard.fortinet.com
attack code compression cve +25
Nice Linear eMerge Command Injection Vulnerability (CVE-2019–7256) 4 weeks, 1 day ago | fortiguard.fortinet.com
access attacker code code execution +25
Jenkins Arbitrary File Read Vulnerability (CVE-2024-23897) 4 weeks, 2 days ago | fortiguard.fortinet.com
access application application developers attackers +31
Kimsuky Malware Attack 1 month ago | fortiguard.fortinet.com
attack cyber entities espionage +15
JetBrains TeamCity Authentication Bypass Vulnerabilities (CVE-2024-27198, CVE-2024-27199) 1 month, 1 week ago | fortiguard.fortinet.com
attacker authentication authentication bypass bypass +15
ConnectWise ScreenConnect Vulnerabilities (CVE-2024-1708 and CVE-2024-1709) 1 month, 4 weeks ago | fortiguard.fortinet.com
access advisory application attackers +28

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

SOC 2 Manager, Audit and Certification

@ Deloitte | US and CA Multiple Locations
View on infosec-jobs.com

Digital Trust Cyber Transformation Senior

@ KPMG India | Mumbai, Maharashtra, India
View on infosec-jobs.com

Security Consultant, Assessment Services - SOC 2 | Remote US

@ Coalfire | United States
View on infosec-jobs.com

Sr. Systems Security Engineer

@ Effectual | Washington, DC
View on infosec-jobs.com

Cyber Network Engineer

@ SonicWall | Woodbridge, Virginia, United States
View on infosec-jobs.com

Security Architect

@ Nokia | Belgium
View on infosec-jobs.com
View more jobs