Tag Archive for: terror’s

Night Terrors: Ransomware Campaigns Are Exploiting PrintNightmare


PrintNightmare is being actively exploited to distribute ransomware, ZDNet reports, and security researchers have found evidence of multiple threat actors taking advantage of the vulnerability.

Microsoft acknowledged PrintNightmare on July 1. It released an emergency update to address the flaw less than a week later, but that patch was imperfect, and the company didn’t have an official fix until it changed the default behavior of Point and Print driver installation on Aug. 10.

Many people are slow to update their systems, however, and security researchers at CrowdStrike and Cisco Talos Incident Response independently shared their discovery that hacking groups were exploiting the PrintNightmare vulnerability in the days following Microsoft’s latest patch.

CrowdStrike said on Aug. 11 that it “identified Magniber ransomware attempting to use a known PrintNightmare vulnerability to compromise victims” in July. It successfully blocked those attacks, but systems that don’t rely on its protections could still be targeted by the ransomware.

“CrowdStrike estimates that the PrintNightmare vulnerability coupled with the deployment of ransomware will likely continue to be exploited by other threat actors,” the company said, and the researchers at Cisco Talos proved that estimate was correct with their own announcement.

Cisco Talos said on Aug. 12 that a ransomware campaign operator known as Vice Society, which has targeted “public school districts and other educational institutions” as well as other “small or midsize victims,” was actively exploiting PrintNightmare as part of its latest attacks as well.

“The use of the vulnerability known as PrintNightmare shows that adversaries are paying close attention and will quickly incorporate new tools that they find useful for various purposes during their attacks,” Cisco Talos said. “Multiple distinct threat actors are now taking advantage of PrintNightmare, and this adoption will likely continue to increase as long as it is effective.”

Recommended by Our Editors

PrintNightmare is a compelling target in part because it affects every version of Windows. Defending against it also requires changing the operating system’s behavior by disabling the Print…

Source…

Thwarting terror’s cyber warfare – BBC News


BBC News

Thwarting terror's cyber warfare
BBC News
The report into the killing of Lee Rigby has drawn attention once more to the battles over terrorism in the online world. It raised questions over whether social media sites should be doing more not just to take down extremist content but report it to

and more »

cyber warfare – read more