In January of this year, it was reported that the infrastructure for the Emotet botnet had been taken down in a coordinated international law enforcement effort. Last week brought news that Emotet is “back by popular demand,” as it has been resurrected by its former operators. Emotet, one of the most widely distributed forms of…
Update 9/15/2021 Microsoft released security updates yesterday to address the remaining PrintNightmare vulnerabilities. https://www.bleepingcomputer.com/news/microsoft/microsoft-fixes-remaining-windows-printnightmare-vulnerabilities/ Update 9/1/2021 This post is an update for this previous post regarding the Microsoft Print Spooler vulnerabilities known as “PrintNightmare.” As stated in the August 16 post, Microsoft updated CVE-2021-34527, Windows Print Spooler Remote Code Execution Vulnerability to indicate that patches…
A cloud security vendor, Wiz, announced on Friday (8/26) that they discovered a vulnerability in Microsoft Azure’s managed database service, Cosmos DB, that grants read/write access for every database on the service to attackers who find and exploit the bug. They named the vulnerability “Chaos DB.” Wiz made the discovery two weeks ago, but they…
Recently there has been a surge in phishing and scams targeting UW students, faculty, and staff. Many of these emails appear to be job offers or alerts from UW accounts or UW offices. There is a “fresh phish” below that offers $800/week with bonuses. More examples can be found on the Phishing Examples web page….
Also see: Recommendations for UW students, faculty, and staff On July 7, Microsoft released an emergency patch for a vulnerability, dubbed “PrintNightmare,” in its Print Spooler service. It’s a serious vulnerability for several reasons, among them: It allows attackers to access your computer over the Internet (via remote code execution or RCE) to steal data…
Also see: PrintNightmare: What to do at home Latest update August update Key points How do I know if I’m vulnerable? What can I do about it? Recommendations for UW students, faculty, and staff References This post pertains to CVE-2021-34527, Windows Print Spooler Remote Code Execution Vulnerability. The code that contains the vulnerability is present…