Ransomware gangs uses PrintNightmare to breach Windows servers
Sergiu Gatlan reports:
Ransomware operators have added PrintNightmare exploits to their arsenal and are targeting Windows servers to deploy Magniber ransomware payloads.
PrintNightmare is a class of security vulnerabilities (tracked as CVE-2021-1675, CVE-2021-34527, and CVE-2021-36958) impacting the Windows Print Spooler service, Windows print drivers, and the Windows Point and Print feature.
Vice Society has also starting using this type of attack.