BillQuick, a time & billing system, had a critical vulnerability -now fixed- disclosed by cybersecurity researchers. The vulnerability was exploited to introduce ransomware in vulnerable systems. CVE-2021-42258, a SQL-based injection attack, allowed the attackers to execute code remotely, and it was used to gain a foothold in an unnamed U.S. engineering company and carry out … Continue reading Vulnerability in a Popular Software exploited to plant Ransomware