Executive BriefPrintNightmare is the name given to a critical remote code execution vulnerability in the Windows Print spooler service. Attackers can take advantage of this vulnerability to gain control of affected systems, causing widespread harm to internal and external parties.Technical DetailsThe RpcAddPrinterDriverEx() function is used to install a printer driver on a system. One of the parameters to this function is the DRIVER_CONTAINER object, which contains information about which driver is to be used by the added printer. The other argument, dwFileCopyFlags, specifies how replacement printer driver files are to be copied. An attacker can take advantage of the fact [...]
About MAAPPENThis author has not yet filled in any details.
So far MAAPPEN has created 7 blog entries.
Creating a strong password is an essential step to protecting yourself and your company online. Using long and complex passwords is one of the easiest ways to defend yourself from cyber risks. Of course, nobody is immune to cyber threats, but when following these tips, you can minimize your chances of an incident. Use a long passphrase You should consider using the longest password or passphrase permissible. For example, you can use a passphrase such as a news headline or even the title of the last book you read. Then add in some punctuation and capitalization.Don’t make passwords easy to guess [...]
Like any piece of technology, a web server needs to be tuned for peak performance. While desktop and portable devices continue to improve generation after generation, if the server at the heart of your site is not optimally configured, it may deliver a suboptimal experience to your users.Server response time is the average amount of time it takes for a server to respond to a browser request. It is a measure of how long it takes to load the necessary HTML to begin rendering the page, which reduces the network latency between your browser and your server. Though not exhaustive, [...]
Phishing emails and the use of unencrypted Hypertext Transfer Protocol (HTTP) protocol remain persistent channels through which malicious actors can exploit vulnerabilities in an organization’s cybersecurity posture. Attackers may spoof a domain to send a phishing email that looks like a legitimate email. At the same time, users transmitting data via unencrypted HTTP protocol, which does not protect data from interception or alteration, are vulnerable to eavesdropping, tracking, and the modification of the data itself. Breaking Down the Attack: How It WorksEmail An attacker spoofs the domain of a reputable organization, and sends an email that looks to be a legitimate [...]
Cloud computing has revolutionized the use of software applications, removing the need for local installation. Microsoft Office 365 and other SaaS applications leverage the cloud, increasing accessibility and capabilities. However, the data protection capabilities of Office 365 are greatly misunderstood, with many assuming that data backup and recovery is inherent in the application. This therefore has raised one important question: Are third party services actually useful in Office 365? The answer… Definitely! Proper data backup and recovery systems ensure that the day-to-day functions of the business are properly maintained. Data loss can be costly, and it doesn’t matter whether the [...]
One of the largest cyber security vulnerabilities lies with improper and/or ineffective password management. Below are a few high-impact and effective best practices to help equip you and your teams. YES Keep your login ID and passwords to yourself Use antivirus software at home and at work Use the screen lock or log off your computer when you are away Report security incidents immediately to your IT service team Enable multi-factor authentication where possible NO Use the same password for every email, web or network account Share your password to anyone over email, text, or instant message Share your individual [...]
Today many of us are living in unpredictable times. Organizations are embracing work from home policies that are a completely new experience for a majority of employees. These employees are left wondering how am I going to be just as productive at work when I am at home? MAAPPEN is here to assure you that you are not alone. Together, we can get through this transition from office work to remote work. At the end, you may even appreciate the added benefits a remote worker can achieve in a typical workday. 1. STRUCTURE TRANSITION TIMES For many workers, the commute [...]