Hackers use PaperCut printer vulnerability to spread Clop ransomware

Hackers linked to the Clop ransomware operation are exploiting two recently-disclosed vulnerabilities in print management software PaperCut to steal corporate data from victims. In a series of tweets posted Wednesday, Microsoft said they attributed the attacks to a threat actor they track as Lace Tempest — a group whose activities overlap with FIN11 and TA505.

actor attacks briefs clop clop ransomware corporate corporate data cybercrime data exploiting fin11 hackers malware management microsoft papercut print printer ransomware series software steal ta505 threat threat actor vulnerabilities vulnerability