Threat Brief: Windows Print Spooler RCE Vulnerability (CVE-2021-34527 AKA PrintNightmare)

This post is also available in: 日本語 (Japanese)

Executive Summary

On July 1, 2021, Microsoft released a security advisory for a new remote code execution (RCE) vulnerability in Windows, CVE-2021-34527, referred to publicly as “PrintNightmare.” Security researchers initially believed this vulnerability to be tied to CVE-2021-1675 (Windows Print Spooler Remote Code Execution Vulnerability), which was first disclosed in the Microsoft Patch Tuesday release on June 8, 2021. Microsoft has since updat…

Threat Brief: Windows Print Spooler RCE Vulnerability (CVE-2021-34527 AKA PrintNightmare)

Mediator – An Extensible, End-To-End Encrypted Reverse Shell With A Novel Approach To Its Architecture

SharpSystemTriggers: Collection of remote authentication triggers in C#

Webdiscover – The Purpose Of This Script Is To Automate The Web Enumeration Process And Search For Exploits

SharpSelfDelete: C# implementation of a method to delete a locked file, or current running executable, on disk

Editor Picks

Threat Hunting With Yara Rules

Certified Pre-Owned Detection Ideas

Defining Cobalt Strike Components So You Can BEA-CONfident in Your Analysis

Must read

SharpSystemTriggers: Collection of remote authentication triggers in C#

Webdiscover – The Purpose Of This Script Is To Automate The Web Enumeration Process And Search For Exploits

SharpSelfDelete: C# implementation of a method to delete a locked file, or current running executable, on disk

Popular categories