My TechDecisions

Search Results: print nightmare

Ransomware Education Microsoft

Patch the Print Nightmare Vulnerabilities Now

Several threat actors are now using the PrintNightmare vulnerabilities in ransomware attacks on unpatched systems.

August 13, 2021 Zachary Comeau Leave a Comment

Much has been made of the vulnerabilities recently discovered in the Windows Print Spooler Service and Microsoft’s patches for the issue. Now, systems that remain unpatched are being attacked by ransomware operators. In a new report, Cisco Talos says a threat actor is exploiting those vulnerabilities – dubbed PrintNightmare – to spread laterally across a […]

Read More
Proofpoint CISO, CISOs cyberattack

CISA: Russian Hackers Leveraged Default MFA, PrintNightmare To Gain Network Access

Using stolen credentials, misconfigured MFA and PrintNightmare, Russian state-sponsored hackers compromised a victim's network, agencies say.

March 16, 2022 Zachary Comeau Leave a Comment

According to U.S. authorities, Russian state-sponsored hackers are leveraging default multi-factor authentication (MFA) protocols and the PrintNightmare vulnerabilities to gain network access. In a joint advisory, the FBI and Cybersecurity and Infrastructure Security Agency say cyber actors backed by the Russian government began pairing those attack vectors as early as May 2021 to target a […]

Read More
PrintNIghtmare

Still Having A PrintNightmare?

Microsoft's patches for the PrintNightmare vulnerability is causing another printing nightmare of its own.

August 25, 2021 Zachary Comeau Leave a Comment

When Microsoft released security patches earlier this month to address the vulnerabilities in Windows Print Spooler service, we thought the flaws known as PrigntNightmare were behind us. However, due to the very patch that Microsoft issued to keep cybercriminals from gaining admin privileges through this vulnerability and other changes, some admins are complaining of printing […]

Read More
Microsoft January Patch Tuesday

Update Now: Microsoft Issues Fixes For 117 Security Flaws, Including PrintNightmare

Microsoft's monthly security update fixes flaws in Windows Dynamics, Exchange Server, Microsoft Office, Windows Storage Spaces Controller and more.

July 14, 2021 Zachary Comeau Leave a Comment

Microsoft has been busy issuing software security patches over the last few weeks, including an emergency fix to resolve the PrintNightmare vulnerability and 117 fixes as part of its monthly security patch release. The volume of fixes this month is more than the last two months combined, but is on par with the monthly totals […]

Read More
Microsoft January Patch Tuesday

What IT Pros Need To Know About The PrintNightmare Vulnerability

IT administrators are being warned of a new actively exploited and unpatched remote code execution vulnerability in Windows Print Spooler.

July 2, 2021 Zachary Comeau Leave a Comment

IT administrators are being warned of an actively exploited remote code execution vulnerability in Windows Print Spooler that could allow an attacker to install programs, view or change data or create new accounts with full user rights. The vulnerability is being referred to as PrintNightmare (CVE-2021-34527), which Microsoft says is slightly different from another vulnerability […]

Read More
Microsoft January Patch Tuesday

Microsoft Warns Of Another Print Spooler Vuln

Unlike PrintNightmare, this vulnerability can only be exploited locally and isn't being actively used in attacks.

July 16, 2021 Zachary Comeau Leave a Comment

Just when we thought the Windows Print Spooler vulnerability was addressed, Microsoft has released information about another vulnerability in the service that could allow an attacker to run arbitrary code with SYSTEM privileges. The company is currently developing a security update to address this vulnerability, which is tracked as CVE-2021-34481. This comes after Microsoft previously […]

Read More
Cybersecurity testing, penetration testing, cyber threats

Is Your Organization Testing Against the Right Cyber Threats?

New research shows that organizations are testing against cyber threats in the headlines rather than attacks they're more likely to face.

April 12, 2023 Zachary Comeau Leave a Comment

Ransomware, supply chain attacks and nation-state threat actors have grabbed mainstream headlines in recent years, and organizations are largely recognizing that they must invest more in cybersecurity to defend against those emerging techniques. However, new research shows that some organizations are prioritizing defending against those trending, newsworthy threats at the expense of the threats actually […]

Read More
June 2023 Patch Tuesday. Patch Tuesday,

January 2023 Patch Tuesday: Nearly 100 Bugs, One Actively Exploited

Microsoft releases fixes for 98 security vulnerabilities for its January 2023 Patch Tuesday release, including one under active exploitation.

January 10, 2023 Zachary Comeau Leave a Comment

IT administrators are starting 2023 with a busy January Patch Tuesday, as Microsoft has released fixes for nearly 100 vulnerabilities, including 11 rated critical and one under active attack. According to security researchers, the 98 vulnerabilities fixed in this month’s security update from Microsoft is the largest the company has issued in a January for […]

Read More
June 2023 Patch Tuesday. Patch Tuesday,

November 2022 Patch Tuesday: Four Actively Exploited Zero Days

Microsoft’s November 2022 Patch Tuesday includes fixes for four actively exploited zero-day vulnerabilities.

November 8, 2022 Zachary Comeau Leave a Comment

Microsoft’s November 2022 Patch Tuesday is a particularly important one, as the company has released fixes for four zero-day vulnerabilities, all of which are currently being exploited in the wild. In total, the Redmond, Wash. software giant has released fixes for 62 security bugs, including nine rated critical and 53 rated important. Here’s a look […]

Read More
Ransomware Education Microsoft

Microsoft: This Ransomware Has Its Sights Set on Education Sector

The Vice Society ransomware group targets the education sector due to its weaker security controls and likelihood to pay, Microsoft says.

October 25, 2022 Zachary Comeau Leave a Comment

Microsoft is sounding the alarm on Vice Society, a ransomware group that is heavily targeting the education sector and preying upon organizations that have weak security controls and a higher likelihood of compromise and ransom payout. The ransomware group was detailed in an advisory from the  U.S. Cybersecurity and Infrastructure Security Agency (CISA), the FBI […]

Read More