#CUPSVulnerabilities

Cloudflare blocks largest recorded DDoS attack peaking at 3.8Tbps

October 3, 2024 by Xynik

October 3, 2024 at 12:15PM A recent DDoS campaign targeted financial, internet, and telecommunications sectors, resulting in a record 3.8 Tbps volumetric attack. The assault comprised 100 hyper-volumetric attacks, overwhelming network infrastructure and primarily leveraging compromised devices in various countries. Cloudflare autonomously mitigated the attacks, with UDP-based transfers and CUPS vulnerabilities posing ongoing threats. Key … Read more

Unix Printing Vulnerabilities Enable Easy DDoS Attacks

October 2, 2024 by Xynik

October 2, 2024 at 05:19PM A recent disclosure of four critical vulnerabilities in the Common Unix Printing System (CUPS) has shed light on the potential for attackers to conduct distributed denial-of-service (DDoS) attacks. The vulnerabilities could enable adversaries to exploit approximately 58,000 Internet-exposed devices, creating significant strain on target systems and potentially affecting server hardware. … Read more

THN Cybersecurity Recap: Last Week’s Top Threats and Trends (September 23-29)

September 30, 2024 by Xynik

September 30, 2024 at 09:36AM Last week in cybersecurity, CUPS vulnerabilities threatened remote attacks, while Rust’s adoption by Google reduced Android vulnerabilities. However, Kaspersky’s exit from the US market left users with uncertainties. Kia cars faced hijacking threats via license plates. The US sanctioned cryptocurrency exchanges, charged Iranian hackers, and detailed mysterious internet noise storms. … Read more

Critical Linux CUPS Printing System Flaws Could Allow Remote Command Execution

September 27, 2024 by Xynik

September 27, 2024 at 09:24AM New security vulnerabilities in CUPS on Linux systems permit remote command execution. Attackers can exploit these issues to install fake printers and execute malicious code, potentially leading to data theft or system damage. The vulnerabilities affect RHEL but do not impact Palo Alto Networks products. Patches are forthcoming, and temporary … Read more

Highly Anticipated Linux Flaw Allows Remote Code Execution, but Less Serious Than Expected

September 27, 2024 by Xynik

September 27, 2024 at 06:21AM Researcher Simone Margaritelli revealed an unauthenticated remote code execution (RCE) vulnerability affecting all GNU/Linux systems, initially considered highly critical. The flaw, related to OpenPrinting’s Common UNIX Printing System (CUPS), was later disclosed alongside its CVE identifiers. Exploitation requires certain conditions and mitigating factors lower the real-world applicability and severity of … Read more