Issue #143 - March 31, 2025
- Weekly INK
- 4 days ago
- 2 min read
Critical Vulnerability Found in Canon Printer Drivers
Source: Security Week
Microsoft’s offensive security team has warned Canon about a critical vulnerability affecting some printer drivers. According to an advisory published last week by Canon, drivers associated with several production printers, office multifunction printers, and laser printers are affected by an out-of-bounds vulnerability.
Medical Imaging Practice Notifying Patients of Recent Hack
Source: Data Breach Today
An Arizona-based medical imaging practice with 160 locations in 11 states is notifying patients that their information was compromised in a cyberattack discovered in late January. Proposed class action lawsuits filed against the company in recent weeks allege ransomware gang Medusa stole sensitive data pertaining to at least 132,000 people in the incident.
CISA Warns of Resurge Malware Connected to Ivanti Vuln
Source: Dark Reading
Threat actors are exploiting a vulnerability in Ivanti Connect Secure first disclosed by the vendor in January. The Cybersecurity and Infrastructure Security Agency (CISA) has warned that threat actors are exploiting a previously discovered Ivanti vulnerability using a file dubbed "Resurge."
Texas State Bar warns of data breach after INC ransomware claims attack
Source: Bleeping Computer
The State Bar of Texas is warning it suffered a data breach after the INC ransomware gang claimed to have breached the organization and began leaking samples of stolen data. The State Bar of Texas is the second-largest bar association in the United States, with over 100,000 licensed attorneys. It regulates the legal profession in Texas by overseeing licensing, continuing legal education, ethical compliance, and disciplinary actions.
Microsoft Warns of Tax-Themed Email Attacks Using PDFs and QR Codes to Deliver Malware
Source: The Hacker News
Microsoft is warning of several phishing campaigns that are leveraging tax-related themes to deploy malware and steal credentials. "These campaigns notably use redirection methods such as URL shorteners and QR codes contained in malicious attachments and abuse legitimate services like file-hosting services and business profile pages to avoid detection.”