Since the start of June there has been a confusing number of security vulnerabilities reported in the Windows Print Spooler. Let me explain what is going on. CVE-2021-1675 This is the vulnerability that caused some initial confusion – a Remote Code Execution vulnerability in the Windows Print Spooler. This is not the vulnerability known as […]
The PrintNightmare continues Read More »
Security researchers at the University of London discovered several vulnerabilities in the home grown cryptography used by the Telegram messaging app which boasts half a billion users. The four vulnerabilities discovered in Telegrams bespoke MTProto protocol highlight the dangers of trying to invent new cryptographic systems rather than using proven existing solutions. MTProto is used by
Telegram vulnerabilities discovered Read More »
SentinelLabs has discovered a severe escalation of privilege vulnerability in a printer driver used by HP, Samsung and Xerox devices since 2005 – affecting over 390 printer models and millions of computers. The vulnerable driver gets installed on Windows systems without any user intervention, simply by plugging in a printer with a USB cable or
16 year old printer bug exposes millions of systems Read More »
July is another bumper month for Microsoft as they ship fixes for 117 security vulnerabilities, 13 of them rated as critical and at least 4 are currently under active attack by cyber criminals. The actively exploited vulnerabilities patched this month are: CVE-2021-34527 – Windows Print Spooler RCE Vulnerability – aka PrintNightmare It’s third time lucky
Microsoft’s July Patches fix 13 critical flaws Read More »
Microsoft has released an emergency patch that addresses the remote code execution vulnerability in the Windows Print Spooler, known as the PrintNightmare. According to Microsoft in their security advisory: A remote code execution vulnerability exists when the Windows Print Spooler service improperly performs privileged file operations. An attacker who successfully exploited this vulnerability could run
Microsoft releases emergency patch for PrintNightmare Read More »
Kaseya provides remote management software used by thousands of IT support firms to manage millions of their end users computers. Kaseya was targeted in a supply chain attack to deliver ransomware to a claimed million of their customers computers. Managed Service Providers who provide outsourced IT support for small and medium sized enterprises rely on
What is the Kaseya Ransomware attack? Read More »
A new report from Microsoft’s security research team details how the Netgear DGN-2200 broadband router can be compromised remotely, allowing attackers access to the internal network. Microsoft’s 365 Defender Research Team has published a detailed report that explains the flaws they discovered in the firmware of the Netgear DGN-2200v1 ADSL router, that enables a remote
Netgear broadband router vulnerable to remote compromise Read More »
Code demonstrating how to exploit an 0day vulnerability in the Windows Print Spooler was accidentally published on GitHub this week. This remote code execution vulnerability can be exploited to take control of a fully patched Windows Domain Controller. In the June 2021 Patch bundle, Microsoft delivered a fix for CVE-2021-1675, an elevation of privilege and
Critical PrintNightmare vulnerability exposes Domain controllers Read More »
Modern software development makes extensive use of open-source libraries that save development time and money. However, 79% of developers fail to keep those libraries up to date leaving their code vulnerable to newly discovered flaws and vulnerabilities. A new report from testing firm Veracode reveals some worrying trends that Security Managers should discuss with their
How Poor Library Hygiene Compromises your Application Security Read More »
iPhone users should beware after a bug is disclosed that can disable the WiFi system simply by connecting to a hotspot with a specially crafted name. The bug in iOS results from a poorly sanitised input string (Improper Input Validation) and in this case it was a failure to remove escape sequences from the input.
iOS WiFi crashes with malicious hotspot name Read More »