Vulnerabilities can be found in just about any type of software—and even some pieces of hardware. Threat actors are all too eager to take advantage of these vulnerabilities, leveraging them to gain access to or escalate privileges in an organization’s IT infrastructure. When these vulnerabilities are discovered before the vendor is aware, these are known as zero-day threats.

The PrintNightmare flaw is aptly named—the serious remote code execution vulnerability in the Microsoft Windows Print Spooler service, CVE-2021-34527, can give an attacker the keys to the kingdom.

In the first Inside the Mind of an Attacker series, we walked through scenarios of potential attacks on Active Directory, as well as techniques on how to identify and avoid breaches.

The latest release of Core Impact has arrived! Version 21.1 demonstrates our commitment to allowing users to conduct advanced penetration tests effortlessly and efficiently. This release includes new features focused on increased visibility and ease of use, along with a simplified update process.

As data breaches continue to dominate the headlines, suggestions for enhancing your cybersecurity stance are everywhere. While much of this advice may be worth following, it’s often complicated, entailing multi-step processes or requiring expert intervention. However, before you start exploring advanced options, it’s important to begin with the basics. When it comes to cybersecurity, the simplest advice is to always implement patches.