The US Cybersecurity and Infrastructure Security Agency (CISA) and FBI released an alert about a Russian state-backed activity that allowed hackers to bypass multi-factor authentication (MFA) and exploit a security flaw to compromise networks. The security advisory indicates that the cyberattacks targeting a non-governmental organization (NGO) started back in May 2021. The threat actors leveraged...
Image Credit: Microsoft If you are an admin and have been scrambling the past week to patch the PrintNightmare vulnerability, you are not alone. The messaging around this zero-day has been confusing with Microsoft saying they have a solution, industry experts saying it’s not effective, and now Microsoft saying “you’re patching it wrong”. Microsoft isn’t…
Microsoft has released an out-of-band patch that will plug up a hole in a known zero-day exploit. Known as PrintNightmare, the patch is now being released via Windows Update. At the heart of the issue is a remote code vulnerability that would allow an attacker to use Windows Print Spooler to perform privileged file operations….