For providers

When it comes to cyber threats, protection is better than response.

While Microsoft has boosted the security of Windows Print Spooler in the three years since the disclosure of the PrintNightmare vulnerability, the service remains a spooky threat that organizations cannot afford to ignore.

The threat actor is using a sophisticated network of VPNs and proxies to centrally manage command-and-control servers from Pyongyang.

VulnCheck initially disclosed the critical command-injection vulnerability (CVE-2024-40891) six months ago, but Zyxel has yet to mention its existence or offer users a patch to mitigate threats.

Yet another spinoff of the infamous DDoS botnet is exploiting a known vulnerability in active attacks, while its threat actors are promoting it on Telegram for other attackers to use as well, in a DDoS-as-a-service model.

The accused include North Korean citizens Jin Sung-Il and Pak Jin-Song, Mexican national Pedro Ernesto Alonso De Los Reyes, and US citizens Erick Ntekereze Prince and Emanuel Ashtor.

The US Court of Appeals has vacated the original sentence of Conor Brian Fitzpatrick, also known as Pompompurin, who is the founder of the BreachForums cybercrime marketplace.

"A new certificate has already been deployed in OCS, and any server that is updated to any Exchange Server Cumulative Update or Security Update newer than March 2023 will continue to be able to check for new EEMS mitigations," the Exchange Team said.