fbpx
Frame-14

Privacy Ninja

        • DATA PROTECTION

        • CYBERSECURITY

        • Penetration Testing

          Secure your network against various threat points. VA starts at only S$1,000, while VAPT starts at S$4,000. With Price Beat Guarantee!

        • API Penetration Testing
        • Enhance your digital security posture with our approach that identifies and addresses vulnerabilities within your API framework, ensuring robust protection against cyber threats targeting your digital interfaces.

        • On-Prem & Cloud Network Penetration Testing
        • Boost your network’s resilience with our assessment that uncovers security gaps, so you can strengthen your defences against sophisticated cyber threats targeting your network

        • Web Penetration Testing
        • Fortify your web presence with our specialised web app penetration testing service, designed to uncover and address vulnerabilities, ensuring your website stands resilient against online threats

        • Mobile Penetration Testing
        • Strengthen your mobile ecosystem’s resilience with our in-depth penetration testing service. From applications to underlying systems, we meticulously probe for vulnerabilities

        • Cyber Hygiene Training
        • Empower your team with essential cybersecurity knowledge, covering the latest vulnerabilities, best practices, and proactive defence strategies

        • Thick Client Penetration Testing
        • Elevate your application’s security with our thorough thick client penetration testing service. From standalone desktop applications to complex client-server systems, we meticulously probe for vulnerabilities to fortify your software against potential cyber threats.

        • Source Code Review
        • Ensure the integrity and security of your codebase with our comprehensive service, meticulously analysing code quality, identifying vulnerabilities, and optimising performance for various types of applications, scripts, plugins, and more

        • Email Spoofing Prevention
        • Check if your organisation’s email is vulnerable to hackers and put a stop to it. Receive your free test today!

        • Email Phishing Excercise
        • Strengthen your defense against email threats via simulated attacks that test and educate your team on spotting malicious emails, reducing breach risks and boosting security.

        • Cyber Essentials Bundle
        • Equip your organisation with essential cyber protection through our packages, featuring quarterly breached accounts monitoring, email phishing campaigns, cyber hygiene training, and more. LAUNCHING SOON.

CISA orders federal agencies to patch Windows PrintNightmare bug

CISA orders federal agencies to patch Windows PrintNightmare bug

A new emergency directive ordered by the Cybersecurity and Infrastructure Security Agency (CISA) orders federal agencies to mitigate the actively exploited Window Print Spooler vulnerability on their networks.

CISA issued the Emergency Directive 21-04 after Microsoft released security updates on Friday to address the vulnerability dubbed PrintNightmare in all supported Windows versions.

The security flaw (tracked as CVE-2021-34527) enables attackers to take over affected servers via remote code execution (RCE) with SYSTEM privileges.

Also Read: This Educator Aims to Make Good Cyber Hygiene a Household Practice

As CISA explained, the emergency actions required are a direct result of unacceptable risks to Federal Civilian Executive Branch agencies posed by PrintNightmare bug’s exploitation in ongoing attacks.

“CISA has validated various proofs of concept and is concerned that exploitation of this vulnerability may lead to full system compromise of agency networks if left unmitigated,” CISA said.

“This determination is based on the current exploitation of this vulnerability by threat actors in the wild, the likelihood of further exploitation of the vulnerability, the prevalence of the affected software in the federal enterprise, and the high potential for a compromise of agency information systems.”

Emergency Directive required actions

To comply with the Emergency Directive 21-04, US federal agencies are required to take the following actions:

  1. By 11:59 pm EDT, Wednesday, July 14, 2021, Stop and Disable the Print Spooler service on all Microsoft Active Directory (AD) Domain Controllers (DC).
  2. By 11:59 pm EDT, Tuesday, July 20, 2021, apply the July 2021 cumulative updates to all Windows Servers and Workstations.
  3. By 11:59 pm EDT, Tuesday, July 20, 2021, for all hosts running Microsoft Windows operating systems (other than domain controllers under action #1) complete either Option 1, 2, or 3 as detailed in the directive.
  4. Validate Registry and/or Group Policy settings from options 1, 2, and 3 above are properly deployed.
  5. By 11:59 pm EDT, Tuesday, July 20, 2021, ensure technical and/or management controls are in place to ensure newly provisioned or previously disconnected servers and workstations are updated and have the settings defined above in place before connecting to agency networks.
  6. By 12:00 pm EDT, Wednesday, July 21, 2021, submit a completion report using the provided template.

CISA added that the Emergency Directive would remain in effect until all agencies have gone through and applied all required actions or the directive “is terminated through other appropriate action.

In related news, CISA also published a notification on the PrintNightmare zero-day on July 1st, encouraging security professionals to disable the Windows Print Spooler service on all systems not used for printing.

Microsoft has clarified the PrintNightmare patch guidance and shared the steps required to correctly patch the critical vulnerability on Friday after multiple security researchers tagged the patches as incomplete.

More information and further guidance are available in the KB5005010 support document and in Microsoft’s CVE-2021-34527 security advisory.

Since the Print Spooler service is enabled by default on most Windows client and server platforms, the risk of future attacks targeting unpatched systems is significant.

Applying Microsoft’s July 2021 cumulative updates is the easiest way to ensure that attackers will not breach your network.

Also Read: How to Choose a Penetration Testing Vendor

0 Comments

KEEP IN TOUCH

Subscribe to our mailing list to get free tips on Data Protection and Data Privacy updates weekly!

Personal Data Protection

REPORTING DATA BREACH TO PDPC?

We have assisted numerous companies to prepare proper and accurate reports to PDPC to minimise financial penalties.
×

Hello!

Click one of our contacts below to chat on WhatsApp

× Chat with us