Tag: analysis
Understanding PrintNightmare: The importance of having visibility over new attack vectors
Published 9 months ago
What is PrintNightmare? PrintNightmare (CVE-2021-34527) is a recently discovered vulnerability, affecting the Microsoft Windows Print Spooler Service. It allows threat actors to run arbitrary code on any device with Print Spooler service enabled with SYSTEM level privileges via Remote Code Execution (RCE) after obtaining initial access. The vulnerability allows attackers to load a DLL into …
Uncovering a ransomware distribution operation – Part 1
Published 6 years ago
Recently we uncovered a ransomware distribution operation targeting European users and carried out via phishing scams. In this post we will show how we have conducted the research: from the initial infection stage back to the person that is orchestrating the whole operation. These campaigns are targeting Italy, Denmark and Spain, although we have detected two new campaigns about to be started …
Continue reading “Uncovering a ransomware distribution operation – Part 1”