Re: Looking for a sample of the Microsoft zero day print nightmare

2021-07-11 Thread Kevin A. McGrail
On 7/3/2021 1:44 PM, Kenneth Porter wrote:
On 7/2/2021 6:39 PM, Kevin A. McGrail wrote:
Anyone know if this is delivered via email? I'm trying to make sure I block the payload if it is.
I found a copy of the repo and see that it works by adding an evil printer driver to the remote server ove

Re: Looking for a sample of the Microsoft zero day print nightmare

2021-07-08 Thread Jared Hall
Kenneth Porter wrote:
I found a copy of the repo and see that it works by adding an evil printer driver to the remote server over an IP connection. So email is a vector if you allow executable attachments (including scripts).
Yes. Local Privilege Elevation then Remote Command Execution. Th

Re: Looking for a sample of the Microsoft zero day print nightmare

2021-07-03 Thread Kenneth Porter
On 7/2/2021 6:39 PM, Kevin A. McGrail wrote:
Anyone know if this is delivered via email? I'm trying to make sure I block the payload if it is.
I found a copy of the repo and see that it works by adding an evil printer driver to the remote server over an IP connection. So email is a vector if

Looking for a sample of the Microsoft zero day print nightmare

2021-07-02 Thread Kevin A. McGrail
https://www.bleepingcomputer.com/news/security/microsoft-shares-mitigations-for-windows-printnightmare-zero-day-bug/
Anyone know if this is delivered via email? I'm trying to make sure I block the payload if it is. Would appreciate anyone reaching out to me off or on list.
Regards, KAM