A critical severity vulnerability affecting the Windows Print Spooler Service, dubbed “PrintNightmare”, was treated with emergency patches by Microsoft. The vulnerability, initially believed to allow for escalation of privileges, was later discovered to also allow for remote code execution (RCE) attacks. If combined successfully, the vulnerabilities could allow for complete access to an organization’s infrastructure. Obstacles to fixing the issue were compounded by the accidental public exposure by researchers of a working proof of concept (PoC) for the exploit, which was reportedly cloned before it was removed. This event highlights the crucial role organizations such as Microsoft play in rapid remediation and the importance for researchers and defenders alike to remain diligent when developing PoCs.
Most Recent Flipbooks
The US government has issued an alert about the Iran-linked "MuddyWater" advanced persistent threat group
Microsoft has announced plans to restrict its product users' ability to manually enable macros in several Office documents
A recent attack showed the potential of cyber-threat activity when used by a nation-state for coercion.
The FBI has warned of a recent surge in cyber attacks that use quick response (QR) codes.
The Federal Security Service of the Russian Federation (FSB) conducted a series of raids and arrests against at least 20 members of the "REvil" ransomware group.
Researchers have discovered a critical vulnerability in the popular open-source Java SQL database H2
For 2022, cyber-security practitioners must be extraordinarily nimble and adept. Plus information on telegram dropping malware, North Korean group exploits Russia, and Log4j crisis spilling in to 2022