With the number of exploits springing up around Windows 10, it’s no wonder Microsoft is issuing an update with Windows 11 later this year. Recent exploits have been print-related. Microsoft is now recommending that users disable the Windows Print Spooler after the third exploit in five weeks was discovered. Discovery of Most-Recent Print-Related Exploit Jacob Barnes, a Dragos security firm vulnerability researcher, discovered the most recent print-related exploit. This flaw concerns a vulnerability in the Windows Print Server. An executive summary of a talk Barnes will be giving on print driver vulnerabilities explains, “What can… Read more
Microsoft is warning Windows users of yet another Print Spooler vulnerability, again threatening the potential for hackers to take control of your PC, install apps, and steal or delete data. It’s the third such vulnerability impacting the Windows Print Spooler service, after two high-profile PrintNightmare bugs which left the software giant floundering to figure out a fix. Those previous fixes … Continue reading
Penetration testing measures the effectiveness of your cybersecurity defensive measures. And remember, their effectiveness changes over time, so repeat as necessary. There’s nothing fit and forget in the world of cybersecurity.
“…The new Connecticut law prohibits punitive damages being assessed against organizations in the wake of a data breach if they’ve implemented “reasonable” security controls. The law states that the court may not assess such damages if the organization created, maintained and complied with a written cybersecurity program that offers administrative, technical and physical safeguards for protecting personally identifiable information as well as restricted information.
The new state law stipulates that organizations must conform with revisions and amendments to industry-recognized cybersecurity frameworks, laws and regulations within six months after any changes are published.
“Cybersecurity is largely unregulated today; there is no national statutory minimum standard of information security, making it difficult to improve cybersecurity on a wholesale basis,” says Curtis Dukes, executive vice president and general Manager, security best practices, at the Center for Internet Security. “Connecticut’s cybersecurity bill introduces a critical interim step – incentivizing the adoption of cyber best practices … to improve cybersecurity and protect citizen data.”…
Iran faced its own spate of cyberattacks this weekend. Reuters and The Guardian report that Iran’s railway train system and transportation websites suffered a “cyber-disruption” (according to state media) on the weekend. Portal sites went down, although it’s not clear just how badly the train system were affected. Officials claimed that only the train displays were compromised with fake messages, but the Fars news agency claimed there was “unprecedented chaos” that included cancellations and delays.
The sites and train systems were back to normal as of Monday morning.
It’s not certain who was behind the attack, although telecom minister Mohammad Javad Azari-Jahromi alerted people to the threat of ransomware if they didn’t address security vulnerabilities. Iran has historically blamed some cyberattacks on the US and Israel, although ransomware is more often the work of criminal organizations.
The US and other countries have typically pinned cyberattacks on Iran, and both sides have engaged in relatively quiet digital warfare. However, it’s not clear that’s the cause here — this could just represent ‘ordinary’ hackers exploiting weak points in Iran’s infrastructure, whether to make money or create havoc.
Infrastructure cyberattacks are quickly becoming a significant problem in the US, and New York City is opening a facility that could help fend off those potentially dangerous hacks. The Wall Street Journalreports that NYC has launched a long-in-the-making Cyber Critical Services and Infrastructure (CCSI) operations center in Manhattan to defend against major cyberattacks.
The initiative’s members are a mix of public and private sector organizations that include Amazon, the Federal Reserve Bank, IBM, the New York Police Department and multiple healthcare providers. If a cyberattack hits, they’ll ideally cooperate closely to both overcome the attack and muster a city response if the digital offensive hobbles NYC’s infrastructure.
Politicians first floated the idea in 2017, but CCSI has been a strictly virtual initiative until now.
NYC is the first US city to have such a cyberdefense center, but it might not be the last. Cities like Atlanta and Baltimore have reeled from ransomware attacks in recent years, in numerous cases taking a long time (and a lot of money) to recover. A coordinated operations facility could help those cities bounce back quickly from a wide variety of hacks, or at least mitigate the damage.
No matter what version of Windows you are running, you need to update NOW. If you are truly paranoid, shutdown your Print Spooler service, and set it to Manual start. You’ll need to start it to print to a network printer, but you will protect your system and network from this serious threat. Check out the article from Digital Trends below.
To Our Customers: If your servers are managed by Proactive Computing, they are already protected from the PrintNightmare threat. But please follow the instructions below to update your Windows PCs and Laptops today.