SecureTeam

PrintNightmare vulnerabilities exploited in the wild

Cyber-criminals have been exploiting the Windows PrintNightmare vulnerability to attack networks around the world. PrintNightmare is the name given to a collection of vulnerabilities in the Windows Print Spooler. According to reports from Talos and CrowdStrike, several threat actors have now incorporated the PrintNightmare vulnerabilities into attacks on their victims networks. The PrintNightmare vulnerabilities were […]

PrintNightmare vulnerabilities exploited in the wild Read More »

SeriousSAM exposes Windows credentials

News, Vulnerabilities / Ian Reynolds

A flaw in all versions of Windows 10 and Server 2019 released since November 2018 leaves the Security Account Manager file which contains all the hashed credentials for the PC, open for any user to read. Microsoft has issued a security advisory to track their investigations, but no permanent solution has been released – although

SeriousSAM exposes Windows credentials Read More »

PetitPotam attack leaves Windows Domain Controllers Vulnerable

News, Vulnerabilities / Ian Reynolds

Microsoft has moved swiftly to publish mitigation advice for a new NTLM relay attack against Windows Domain controllers, dubbed PetitPotam. An NTLM relay attack can occur when an attacker inserts themselves between a valid client-server authentication request in a Windows Domain or tricks one system into trying to authenticate itself and so providing a copy

PetitPotam attack leaves Windows Domain Controllers Vulnerable Read More »

The PrintNightmare continues

News, Vulnerabilities / Ian Reynolds

Since the start of June there has been a confusing number of security vulnerabilities reported in the Windows Print Spooler. Let me explain what is going on. CVE-2021-1675 This is the vulnerability that caused some initial confusion – a Remote Code Execution vulnerability in the Windows Print Spooler. This is not the vulnerability known as

The PrintNightmare continues Read More »

Microsoft’s July Patches fix 13 critical flaws

News, Vulnerabilities / Ian Reynolds

July is another bumper month for Microsoft as they ship fixes for 117 security vulnerabilities, 13 of them rated as critical and at least 4 are currently under active attack by cyber criminals. The actively exploited vulnerabilities patched this month are: CVE-2021-34527 – Windows Print Spooler RCE Vulnerability – aka PrintNightmare It’s third time lucky

Microsoft’s July Patches fix 13 critical flaws Read More »

Microsoft releases emergency patch for PrintNightmare

News, Vulnerabilities / Ian Reynolds

Microsoft has released an emergency patch that addresses the remote code execution vulnerability in the Windows Print Spooler, known as the PrintNightmare. According to Microsoft in their security advisory: A remote code execution vulnerability exists when the Windows Print Spooler service improperly performs privileged file operations. An attacker who successfully exploited this vulnerability could run

Microsoft releases emergency patch for PrintNightmare Read More »

Critical PrintNightmare vulnerability exposes Domain controllers

News, Vulnerabilities / Ian Reynolds

Code demonstrating how to exploit an 0day vulnerability in the Windows Print Spooler was accidentally published on GitHub this week. This remote code execution vulnerability can be exploited to take control of a fully patched Windows Domain Controller. In the June 2021 Patch bundle, Microsoft delivered a fix for CVE-2021-1675, an elevation of privilege and

Critical PrintNightmare vulnerability exposes Domain controllers Read More »

Windows Containers and Kubernetes under attack

News, Vulnerabilities / Ian Reynolds

Microsoft has warned that Kubernetes clusters are being targeted in a cryptomining attack while Palo Alto Networks has identified the first malware that targets Windows Containers – in order to compromise the Kubernetes clusters that host them. Cryptomining on Kubernetes Kubeflow is a popular framework for deploying Machine Learning workloads in a Kubernetes environment. Microsoft

Windows Containers and Kubernetes under attack Read More »

June Patch Tuesday and Vulnerability Roundup

News, Vulnerabilities / Ian Reynolds

The June security updates include 7 zero-day exploits fixed in Microsoft code, 5 high-severity bugs in Intel BIOS firmware and Security Library, and 21 critical vulnerabilities fixed in Adobe products. Microsoft Updates The June 2021 security updates from Microsoft resolves 7 zero-day vulnerabilities- six of them known to be exploited in the wild – and

June Patch Tuesday and Vulnerability Roundup Read More »

Microsoft and Adobe release patches for zero day vulnerabilities

News, Vulnerabilities / Ian Reynolds

May Patch Tuesday sees four critical vulnerabilities patched by Microsoft and Adobe ships a fix for an Acrobat Reader zero-day that is under attack in the wild. Microsoft Patch Tuesday May 2021 55 vulnerabilities, 4 critical, are resolved in the May security patch bundle from Microsoft. Of particular note are: CVE-2021-31166 which is a Windows

Microsoft and Adobe release patches for zero day vulnerabilities Read More »

microsoft

PrintNightmare vulnerabilities exploited in the wild

SeriousSAM exposes Windows credentials

PetitPotam attack leaves Windows Domain Controllers Vulnerable

The PrintNightmare continues

Microsoft’s July Patches fix 13 critical flaws

Microsoft releases emergency patch for PrintNightmare

Critical PrintNightmare vulnerability exposes Domain controllers

Windows Containers and Kubernetes under attack

June Patch Tuesday and Vulnerability Roundup

Microsoft and Adobe release patches for zero day vulnerabilities

Our Address

Talk to us

Office Hours

Company Number

VAT Registration Number

Penetration Testing

Risk & Compliance Services

Quick Links

information. secured.

Head Office Address

Opening Hours

Stay in Touch