{"id":8414,"date":"2023-05-12T15:30:26","date_gmt":"2023-05-12T06:30:26","guid":{"rendered":"https:\/\/cyberenso.jp\/?p=8414"},"modified":"2023-05-30T15:33:11","modified_gmt":"2023-05-30T06:33:11","slug":"fbi-releases-joint-advisory-warning-of-bl00dy-ransomware-targets-education-organisation-in-papercut-attacks","status":"publish","type":"post","link":"https:\/\/cyberenso.jp\/en\/fbi-releases-joint-advisory-warning-of-bl00dy-ransomware-targets-education-organisation-in-papercut-attacks\/","title":{"rendered":"FBI releases joint advisory warning of Bl00dy ransomware targets education organisation in PaperCut attacks"},"content":{"rendered":"\t\t<div data-elementor-type=\"wp-post\" data-elementor-id=\"8414\" class=\"elementor elementor-8414\" data-elementor-post-type=\"post\">\n\t\t\t\t\t\t\t\t\t<section class=\"elementor-section elementor-top-section elementor-element elementor-element-b5a7548 elementor-section-boxed elementor-section-height-default elementor-section-height-default\" data-id=\"b5a7548\" data-element_type=\"section\">\n\t\t\t\t\t\t<div class=\"elementor-container elementor-column-gap-default\">\n\t\t\t\t\t<div class=\"elementor-column elementor-col-100 elementor-top-column elementor-element elementor-element-8ac22a6\" data-id=\"8ac22a6\" data-element_type=\"column\">\n\t\t\t<div class=\"elementor-widget-wrap elementor-element-populated\">\n\t\t\t\t\t\t\t\t<div class=\"elementor-element elementor-element-62a1915 elementor-widget elementor-widget-text-editor\" data-id=\"62a1915\" data-element_type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t<p>On Thursday 11<sup>th<\/sup> of May 2023, the United States Federal Bureau of Investigation (FBI) and the Cybersecurity and Infrastructure Security Agency (CISA) released a joint TLP:CLEAR cybersecurity advisory warning organisation that the Bl00dy Ransomware gang is now actively exploiting a PaperCut remote-code execution vulnerability (CVE-2023-27350) to gain initial access to networks.<\/p><p>The advisory revealed that the Bl00dy Ransomware Gang attempted to exploit vulnerable PaperCut servers against the Education Facilities Subsector in early May 2023. The advisory highlights that the Education Facilities Subsector entities are maintaining approximately 68% of exposed, but not necessarily vulnerable, U.S.-based PaperCut servers.<\/p><p>In the advisory, FBI and CISA recommend organisations upgrade any PaperCut servers to the latest version or if they are not able to immediately patch, they should ensure that vulnerable PaperCut servers are not accessible over the internet and should either block all inbound traffic from external IP addresses or all traffic inbound to the web management portal.<\/p>\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t\t\t\t<\/div>\n\t\t","protected":false},"excerpt":{"rendered":"<p>On Thursday 11th of May 2023, the United States Federal Bureau of Investigation (FBI) and the Cybersecurity and Infrastructure Security Agency (CISA) released a joint TLP:CLEAR cybersecurity advisory warning organisation that the Bl00dy Ransomware gang is now actively exploiting a PaperCut remote-code execution vulnerability (CVE-2023-27350) to gain initial access to networks. The advisory revealed that the Bl00dy Ransomware Gang attempted<span class=\"excerpt-hellip\"> [\u2026]<\/span><\/p>\n","protected":false},"author":1,"featured_media":8419,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[225,6,10,12,9,2,1],"tags":[],"class_list":["post-8414","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-heavy-industry","category-latest_news","category-latest_vulnerabilities","category-read_article","category-ransomware_criminals","category-ce_news","category-uncategorized"],"acf":[],"jetpack_featured_media_url":"https:\/\/i0.wp.com\/cyberenso.jp\/wp-content\/uploads\/2023\/05\/Picture1-11.jpg?fit=1375%2C917&ssl=1","_links":{"self":[{"href":"https:\/\/cyberenso.jp\/en\/wp-json\/wp\/v2\/posts\/8414"}],"collection":[{"href":"https:\/\/cyberenso.jp\/en\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/cyberenso.jp\/en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/cyberenso.jp\/en\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/cyberenso.jp\/en\/wp-json\/wp\/v2\/comments?post=8414"}],"version-history":[{"count":6,"href":"https:\/\/cyberenso.jp\/en\/wp-json\/wp\/v2\/posts\/8414\/revisions"}],"predecessor-version":[{"id":8422,"href":"https:\/\/cyberenso.jp\/en\/wp-json\/wp\/v2\/posts\/8414\/revisions\/8422"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/cyberenso.jp\/en\/wp-json\/wp\/v2\/media\/8419"}],"wp:attachment":[{"href":"https:\/\/cyberenso.jp\/en\/wp-json\/wp\/v2\/media?parent=8414"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/cyberenso.jp\/en\/wp-json\/wp\/v2\/categories?post=8414"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/cyberenso.jp\/en\/wp-json\/wp\/v2\/tags?post=8414"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}