Ransomware: Now attackers are exploiting Windows PrintNightmare vulnerabilities

13 August 2021

Cyber criminals are exploiting Windows PrintNightmare vulnerabilities in their attempts to infect victims with ransomware – and the number of ransomware groups attempting to take advantage of unpatched networks is likely to grow. The remote code execution vulnerabilities (CVE-2021-34527 and CVE-2021-1675) in Windows Print Spooler – a service enabled by default in all Windows clients and used to copy data between devices to manage printing jobs – allow attackers to run arbitrary code, enabling them to install programs, modify, change and delete data, create new accounts with full user rights and move laterally around networks.

Read full article on ZDNet

Date:

13 August 2021

Categorie(s):

NEWS

Tag(s):

Microsoft, Now, OS, PrintNightmare, Ransomware

With its new iPad, Apple’s Empire strikes back6 May 2024
Malware campaign attempts abuse of defender binaries6 May 2024
Microsoft unveils new security features for SOC teams to combat insider threats6 May 2024
BigID launches new hybrid scanning technology for enhance cloud data management6 May 2024
At RSA, Cisco launches bolsters in Security Cloud, built on Hypershield and Splunk6 May 2024