Hackers Exploited Popular BillQuick Billing Software to Deploy Ransomware

25 October 2021

Cybersecurity researchers on Friday disclosed a now-patched critical vulnerability in multiple versions of a time and billing system called BillQuick that’s being actively exploited by threat actors to deploy ransomware on vulnerable systems. CVE-2021-42258, as the flaw is being tracked as, concerns an SQL-based injection attack that allows for remote code execution and was successfully leveraged to gain initial access to an unnamed U.S.

Read full article on The Hacker News

Date:

25 October 2021

Categorie(s):

NEWS

Tag(s):

Billing, Cyber Attack, Cyber Threats, Deploy, Hacking

Smashing Security podcast #370: The closed loop conundrum, default passwords, and Baby Reindeer1 May 2024
Cyberattack against United Russia claimed by Ukraine1 May 2024
US jails former NSA employee for attempting secret sale to Russia1 May 2024
Better identity threat detection sought by new Semperis ML-based tool1 May 2024
Oasis Security reels in $35M more to secure nonhuman identities1 May 2024