Podcasts about print spooler

Hello everyone! This episode will be about Microsoft Patch Tuesday for November 2022, including vulnerabilities that were added between October and November Patch Tuesdays. As usual, I use my open source Vulristics project to create the report. Watch the video version of this episode on my YouTube channel. Read the full text of this episode with all links on avleonov.com blog.

Logitech's Lift is a vertical mouse that's easier to grasp, CISA warns of attackers now exploiting Windows Print Spooler bug, Google tracked 58,exploited zero-day security holes in 2021, For Russian tech firms, QNAP urges customers to disable UPnP port forwarding on routers Putin's crackdown ended their global ambitions, & Hackers can infect >100 Lenovo models with unremovable malware. Are you patched?   Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://securityweekly.com/psw737

Kontynuujemy specjalną edycję naszego podcastu w nowej formule codziennych raportów. Od poniedziałku do piątku relacjonujemy dla Was najważniejsze wydarzenia z zakresu działań podejmowanych w cyberprzestrzeni. W dzisiejszym odcinku wystąpili Cyprian Gutkowski i Ewa Matusiak. Dzisiejsze tematy: Bilans wojny w Ukrainie. 250 „potężnych cyberataków” i setki rosyjskich agentów CISA ostrzega przed błędem w programie Print Spooler More

Logitech's Lift is a vertical mouse that's easier to grasp, CISA warns of attackers now exploiting Windows Print Spooler bug, Google tracked 58,exploited zero-day security holes in 2021, For Russian tech firms, QNAP urges customers to disable UPnP port forwarding on routers Putin's crackdown ended their global ambitions, & Hackers can infect >100 Lenovo models with unremovable malware. Are you patched?   Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://securityweekly.com/psw737

On Windows Weekly, Mary Jo Foley, Paul Thurrott, and Leo Laporte discuss Microsoft's $21.88 billion Integrated Visual Augmentation Systems (IVAS) contract with the U.S. Army. Full episode on twit.tv/ww747 Hosts: Leo Laporte, Paul Thurrott, and Mary Jo Foley You can find more about TWiT and subscribe to our podcasts at https://podcasts.twit.tv/

On Windows Weekly, Mary Jo Foley, Paul Thurrott, and Leo Laporte discuss Microsoft's $21.88 billion Integrated Visual Augmentation Systems (IVAS) contract with the U.S. Army. Full episode on twit.tv/ww747 Hosts: Leo Laporte, Paul Thurrott, and Mary Jo Foley You can find more about TWiT and subscribe to our podcasts at https://podcasts.twit.tv/

On Windows Weekly, Mary Jo Foley, Paul Thurrott, and Leo Laporte discuss Microsoft's $21.88 billion Integrated Visual Augmentation Systems (IVAS) contract with the U.S. Army. Full episode on twit.tv/ww747 Hosts: Leo Laporte, Paul Thurrott, and Mary Jo Foley You can find more about TWiT and subscribe to our podcasts at https://podcasts.twit.tv/

Windows Subsystem for Android & the Army's AR Headset Microsoft releases the first preview of its Windows Subsystem for Android Microsoft Publishes Windows Subsystem for Android Guidelines for Devs First Android Apps Preview Comes to ... the Beta Channel? Microsoft starts testing 'Update Stack Packages' to help streamline the Windows updating process Microsoft fixes AMD CPU performance issue with new Windows 11 test build Windows 11 known issues and notifications | Microsoft Docs Releasing Windows 10 Build 19043.1319 (21H1) to Release Preview Channel | Windows Insider Blog Releasing Windows 10 Build 19044.1319 (21H2) to Release Preview Channel | Windows Insider Blog Announcing Windows 11 Insider Preview Build 22483 | Windows Insider Blog The U.S. Army's AR Headset U.S. Army postpones its $22 billion Microsoft augmented-reality headset deliverables to late 2022 Developers Microsoft Officially Deprecates UWP vscode.dev Visual Studio Code for the Web Learn to build great Progressive Web Apps - Microsoft Edge Blog Xbox Microsoft to Celebrate Xbox 20th Anniversary with Back-to-Back Game Launches Microsoft Announces More Game Pass Titles for October Minecraft is Coming to Xbox Game Pass for PC Microsoft Releases Final Seasonal Update for Halo: MCC Microsoft's Xbox Mini Fridge Arrives Xbox Hosts a Retro Indie Game Sale Tips and picks Hardware pick of the week: Luna Display App pick of the week: Parallels Desktop 17.1 Enterprise pick of the week: SysInternals is in the Microsoft Store Enterprise pick of the week: Azure Stack HCI 21H2 is out Beer pick of the week: Fifth Hammer Scary Spice Hosts: Leo Laporte, Mary Jo Foley, and Paul Thurrott Download or subscribe to this show at https://twit.tv/shows/windows-weekly Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit Check out Paul's blog at thurrott.com Check out Mary Jo's blog at AllAboutMicrosoft.com The Windows Weekly theme music is courtesy of Carl Franklin. Sponsors: business.eset.com/twit wwt.com/twit barracuda.com/windows

Windows Subsystem for Android & the Army's AR Headset Microsoft releases the first preview of its Windows Subsystem for Android Microsoft Publishes Windows Subsystem for Android Guidelines for Devs First Android Apps Preview Comes to ... the Beta Channel? Microsoft starts testing 'Update Stack Packages' to help streamline the Windows updating process Microsoft fixes AMD CPU performance issue with new Windows 11 test build Windows 11 known issues and notifications | Microsoft Docs Releasing Windows 10 Build 19043.1319 (21H1) to Release Preview Channel | Windows Insider Blog Releasing Windows 10 Build 19044.1319 (21H2) to Release Preview Channel | Windows Insider Blog Announcing Windows 11 Insider Preview Build 22483 | Windows Insider Blog The U.S. Army's AR Headset U.S. Army postpones its $22 billion Microsoft augmented-reality headset deliverables to late 2022 Developers Microsoft Officially Deprecates UWP vscode.dev Visual Studio Code for the Web Learn to build great Progressive Web Apps - Microsoft Edge Blog Xbox Microsoft to Celebrate Xbox 20th Anniversary with Back-to-Back Game Launches Microsoft Announces More Game Pass Titles for October Minecraft is Coming to Xbox Game Pass for PC Microsoft Releases Final Seasonal Update for Halo: MCC Microsoft's Xbox Mini Fridge Arrives Xbox Hosts a Retro Indie Game Sale Tips and picks Hardware pick of the week: Luna Display App pick of the week: Parallels Desktop 17.1 Enterprise pick of the week: SysInternals is in the Microsoft Store Enterprise pick of the week: Azure Stack HCI 21H2 is out Beer pick of the week: Fifth Hammer Scary Spice Hosts: Leo Laporte, Mary Jo Foley, and Paul Thurrott Download or subscribe to this show at https://twit.tv/shows/windows-weekly Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit Check out Paul's blog at thurrott.com Check out Mary Jo's blog at AllAboutMicrosoft.com The Windows Weekly theme music is courtesy of Carl Franklin. Sponsors: business.eset.com/twit wwt.com/twit barracuda.com/windows

Windows Subsystem for Android & the Army's AR Headset Microsoft releases the first preview of its Windows Subsystem for Android Microsoft Publishes Windows Subsystem for Android Guidelines for Devs First Android Apps Preview Comes to ... the Beta Channel? Microsoft starts testing 'Update Stack Packages' to help streamline the Windows updating process Microsoft fixes AMD CPU performance issue with new Windows 11 test build Windows 11 known issues and notifications | Microsoft Docs Releasing Windows 10 Build 19043.1319 (21H1) to Release Preview Channel | Windows Insider Blog Releasing Windows 10 Build 19044.1319 (21H2) to Release Preview Channel | Windows Insider Blog Announcing Windows 11 Insider Preview Build 22483 | Windows Insider Blog The U.S. Army's AR Headset U.S. Army postpones its $22 billion Microsoft augmented-reality headset deliverables to late 2022 Developers Microsoft Officially Deprecates UWP vscode.dev Visual Studio Code for the Web Learn to build great Progressive Web Apps - Microsoft Edge Blog Xbox Microsoft to Celebrate Xbox 20th Anniversary with Back-to-Back Game Launches Microsoft Announces More Game Pass Titles for October Minecraft is Coming to Xbox Game Pass for PC Microsoft Releases Final Seasonal Update for Halo: MCC Microsoft's Xbox Mini Fridge Arrives Xbox Hosts a Retro Indie Game Sale Tips and picks Hardware pick of the week: Luna Display App pick of the week: Parallels Desktop 17.1 Enterprise pick of the week: SysInternals is in the Microsoft Store Enterprise pick of the week: Azure Stack HCI 21H2 is out Beer pick of the week: Fifth Hammer Scary Spice Hosts: Leo Laporte, Mary Jo Foley, and Paul Thurrott Download or subscribe to this show at https://twit.tv/shows/windows-weekly Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit Check out Paul's blog at thurrott.com Check out Mary Jo's blog at AllAboutMicrosoft.com The Windows Weekly theme music is courtesy of Carl Franklin. Sponsors: business.eset.com/twit wwt.com/twit barracuda.com/windows

Windows Subsystem for Android & the Army's AR Headset Microsoft releases the first preview of its Windows Subsystem for Android Microsoft Publishes Windows Subsystem for Android Guidelines for Devs First Android Apps Preview Comes to ... the Beta Channel? Microsoft starts testing 'Update Stack Packages' to help streamline the Windows updating process Microsoft fixes AMD CPU performance issue with new Windows 11 test build Windows 11 known issues and notifications | Microsoft Docs Releasing Windows 10 Build 19043.1319 (21H1) to Release Preview Channel | Windows Insider Blog Releasing Windows 10 Build 19044.1319 (21H2) to Release Preview Channel | Windows Insider Blog Announcing Windows 11 Insider Preview Build 22483 | Windows Insider Blog The U.S. Army's AR Headset U.S. Army postpones its $22 billion Microsoft augmented-reality headset deliverables to late 2022 Developers Microsoft Officially Deprecates UWP vscode.dev Visual Studio Code for the Web Learn to build great Progressive Web Apps - Microsoft Edge Blog Xbox Microsoft to Celebrate Xbox 20th Anniversary with Back-to-Back Game Launches Microsoft Announces More Game Pass Titles for October Minecraft is Coming to Xbox Game Pass for PC Microsoft Releases Final Seasonal Update for Halo: MCC Microsoft's Xbox Mini Fridge Arrives Xbox Hosts a Retro Indie Game Sale Tips and picks Hardware pick of the week: Luna Display App pick of the week: Parallels Desktop 17.1 Enterprise pick of the week: SysInternals is in the Microsoft Store Enterprise pick of the week: Azure Stack HCI 21H2 is out Beer pick of the week: Fifth Hammer Scary Spice Hosts: Leo Laporte, Mary Jo Foley, and Paul Thurrott Download or subscribe to this show at https://twit.tv/shows/windows-weekly Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit Check out Paul's blog at thurrott.com Check out Mary Jo's blog at AllAboutMicrosoft.com The Windows Weekly theme music is courtesy of Carl Franklin. Sponsors: business.eset.com/twit wwt.com/twit barracuda.com/windows

Windows Subsystem for Android & the Army's AR Headset Microsoft releases the first preview of its Windows Subsystem for Android Microsoft Publishes Windows Subsystem for Android Guidelines for Devs First Android Apps Preview Comes to ... the Beta Channel? Microsoft starts testing 'Update Stack Packages' to help streamline the Windows updating process Microsoft fixes AMD CPU performance issue with new Windows 11 test build Windows 11 known issues and notifications | Microsoft Docs Releasing Windows 10 Build 19043.1319 (21H1) to Release Preview Channel | Windows Insider Blog Releasing Windows 10 Build 19044.1319 (21H2) to Release Preview Channel | Windows Insider Blog Announcing Windows 11 Insider Preview Build 22483 | Windows Insider Blog The U.S. Army's AR Headset U.S. Army postpones its $22 billion Microsoft augmented-reality headset deliverables to late 2022 Developers Microsoft Officially Deprecates UWP vscode.dev Visual Studio Code for the Web Learn to build great Progressive Web Apps - Microsoft Edge Blog Xbox Microsoft to Celebrate Xbox 20th Anniversary with Back-to-Back Game Launches Microsoft Announces More Game Pass Titles for October Minecraft is Coming to Xbox Game Pass for PC Microsoft Releases Final Seasonal Update for Halo: MCC Microsoft's Xbox Mini Fridge Arrives Xbox Hosts a Retro Indie Game Sale Tips and picks Hardware pick of the week: Luna Display App pick of the week: Parallels Desktop 17.1 Enterprise pick of the week: SysInternals is in the Microsoft Store Enterprise pick of the week: Azure Stack HCI 21H2 is out Beer pick of the week: Fifth Hammer Scary Spice Hosts: Leo Laporte, Mary Jo Foley, and Paul Thurrott Download or subscribe to this show at https://twit.tv/shows/windows-weekly Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit Check out Paul's blog at thurrott.com Check out Mary Jo's blog at AllAboutMicrosoft.com The Windows Weekly theme music is courtesy of Carl Franklin. Sponsors: business.eset.com/twit wwt.com/twit barracuda.com/windows

Windows Subsystem for Android & the Army's AR Headset Microsoft releases the first preview of its Windows Subsystem for Android Microsoft Publishes Windows Subsystem for Android Guidelines for Devs First Android Apps Preview Comes to ... the Beta Channel? Microsoft starts testing 'Update Stack Packages' to help streamline the Windows updating process Microsoft fixes AMD CPU performance issue with new Windows 11 test build Windows 11 known issues and notifications | Microsoft Docs Releasing Windows 10 Build 19043.1319 (21H1) to Release Preview Channel | Windows Insider Blog Releasing Windows 10 Build 19044.1319 (21H2) to Release Preview Channel | Windows Insider Blog Announcing Windows 11 Insider Preview Build 22483 | Windows Insider Blog The U.S. Army's AR Headset U.S. Army postpones its $22 billion Microsoft augmented-reality headset deliverables to late 2022 Developers Microsoft Officially Deprecates UWP vscode.dev Visual Studio Code for the Web Learn to build great Progressive Web Apps - Microsoft Edge Blog Xbox Microsoft to Celebrate Xbox 20th Anniversary with Back-to-Back Game Launches Microsoft Announces More Game Pass Titles for October Minecraft is Coming to Xbox Game Pass for PC Microsoft Releases Final Seasonal Update for Halo: MCC Microsoft's Xbox Mini Fridge Arrives Xbox Hosts a Retro Indie Game Sale Tips and picks Hardware pick of the week: Luna Display App pick of the week: Parallels Desktop 17.1 Enterprise pick of the week: SysInternals is in the Microsoft Store Enterprise pick of the week: Azure Stack HCI 21H2 is out Beer pick of the week: Fifth Hammer Scary Spice Hosts: Leo Laporte, Mary Jo Foley, and Paul Thurrott Download or subscribe to this show at https://twit.tv/shows/windows-weekly Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit Check out Paul's blog at thurrott.com Check out Mary Jo's blog at AllAboutMicrosoft.com The Windows Weekly theme music is courtesy of Carl Franklin. Sponsors: business.eset.com/twit wwt.com/twit barracuda.com/windows

Are you stuck in the print nightmare? Richard talks to Jeremy Moskowitz about the ongoing battle over potential exploits through the point-and-print system in Windows. Jeremy talks about the discovery of the vulnerability in July 2021 and how it has led to a series of patches and registry key changes to resist a potential exploit. Meantime, people need to print! There are several workarounds with Group Policy, and Jeremy's own PolicyPak has some practical solutions. If you put some time into thinking through how your organization prints, you can find a solution that works and is secure!Links:July Windows Print Spooler Remote Code Execution VulnerabilityAugust Windows Print Spooler Remote Code Execution VulnerabilityRestrictDriverInstallationToAdministratorGroup Policy Settings for Controlling PrintersUltimate Guide to PrintNightmarePDQ DeployRecorded September 9, 2021

In this session excerpted from a web seminar, Sean Deuby (Semperis Director of Services) and Michele Crockett (Semperis Senior Director of Product Marketing) discuss two important Microsoft security flaws: the Windows Print Spooler vulnerability called PrintNightmare and the PetitPotam flaw. Sean gives some background on how cybercriminals exploit these flaws, how they came to light, and what you can do to guard against them.   More Resources: Watch the full webinar, Stepping Up Your Active Directory Defenses: Lessons Learned from Recent Attacks Like PrintNightmare Read “Detecting and Mitigating the PetitPotam Attack on Windows Domains” Blog by Ran Harel Read “TODO: Disable the Print Spooler service on Domain Controllers” Blog by Sander Berkouwer

How far would you go to protect your children from sexual predators? How much privacy would you give up to try to prevent the sharing of child pornography? We are now faced squarely with those questions because Apple has just announced some new initiatives that it believes will curb the viewing and sharing of pornographic images. But we need to be extremely careful here. The Four Horsemen of the Infocalypse are pedophiles, terrorists, drug dealers and organized crime. When someone asks you what privacy and civil liberties you would be willing to give up to stop these undeniably bad things, you need to replace their bogeyman with other straw men and make sure your convictions still hold. Technologies that can be used to stop something you hate today can also be used to stop things you don't tomorrow. Today I'll discuss Apple's new "child safety" initiatives and explain why I think they're making the wrong tradeoffs. And also why they are actually not that effective and even potentially harmful to children. In other news: Both T-Mobile and AT&T appear to have suffered massive data breaches of current and even prospective customers; Microsoft's PrintNightmare continues, despite several attempts to fix the issues; millions of home routers, web cams and baby monitors are vulnerable to a new attacks; Facebook is trying to help Afgans hide their friends lists in the face of Taliban reprisals; your IoT devices are horrible with random numbers, and that's a huge security risk; a secret terrorist watch list with almost 2 million people has leaked; and the OAuth web app authentication system is ripe for hacking, potentially putting several of your accounts at risk. Article Links Blocking the Exploitation of PrintNightmare https://securityboulevard.com/2021/08/blocking-the-exploitation-of-printnightmare/Disabling your Print Spooler (see “Workarounds”): https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-34527Millions of home Wi-Fi routers under attack by botnet malware https://www.tomsguide.com/news/arcadyan-router-malwareSEE ALSO: Router Security: https://routersecurity.org/ T-Mobile Data Breach: 100 Million Customer Data Records Compromised Including Social Security, Driver's License & Unique Device Numbers https://www.cpomagazine.com/cyber-security/t-mobile-data-breach-100-million-customer-data-records-compromised-including-social-security-drivers-license-unique-device-numbers/Hacker Selling Private Data Allegedly from 70 Million AT&T Customers https://restoreprivacy.com/att-data-breach-70-million-customers/ Millions of Web Camera and Baby Monitor Feeds Are Exposed https://www.wired.com/story/kalay-iot-bug-video-feeds/ Secret terrorist watchlist with 2 million records exposed online https://www.bleepingcomputer.com/news/security/secret-terrorist-watchlist-with-2-million-records-exposed-online/ To protect users, Facebook says it's hiding friends lists on accounts in Afghanistan https://www.nytimes.com/2021/08/20/world/asia/afghanistan-facebook.html Web apps have become so complex that they're unsafe to use, researchers say https://www.tomsguide.com/news/unsafe-web-apps-oauth DEFCON “You're doing IoT RNG” paper: https://labs.bishopfox.com/tech-blog/youre-doing-iot-rng Apple's New ‘Child Safety' Initiatives, and the Slippery Slope https://daringfireball.net/2021/08/apple_child_safety_initiatives_slippery_slopeWe built a system like Apple's to flag child sexual abuse material — and concluded the tech was dangerous https://www.washingtonpost.com/opinions/2021/08/19/apple-csam-abuse-encryption-security-privacy-dangerous/Open letter to Apple from 90+ world orgs https://cdt.org/insights/international-coalition-calls-on-apple-to-abandon-plan-to-build-surveillance-capabilities-into-iphones-ipads-and-other-products/ Tell Apple not to scan our phones: https://act.eff.org/action/tell-apple-don-t-scan-our-phones  Further Info Become a Patron! https://www.patreon.com/FirewallsDontStopDragons Would you like me to speak to ...

Support ThreatWire!  https://www.patreon.com/threatwire  Shop ThreatWire Merch Directly! - https://snubsie.com/shop Hak5 -- Cyber Security Education, Inspiration, News & Community since 2005:  Is this the biggest crypto hack ever? Print Spooler is an actual Nightmare, and a hacker claims t-mobile data was stolen in a server hack! All that coming up now on ThreatWire.    #threatwire #hak5 Links: Weekly security and privacy news, brought to you by Shannon Morse. ThreatWire is a weekly news journalism show covering security and privacy topics for network admins and users. Watch this on youtube (video may be “private” until the scheduled publish time): https://youtu.be/UW38I60EmX4 Shop ThreatWire Merch Directly! - https://snubsie.com/shop Shop ThreatWire Merch on Teespring! - https://morsecode.creator-spring.com/  Support ThreatWire!  https://www.patreon.com/threatwire  Links: Poly Network Hack:  https://arstechnica.com/information-technology/2021/08/hackers-siphon-600-million-in-digital-tokens-crypto-network-says/ https://www.bleepingcomputer.com/news/security/over-600-million-reportedly-stolen-in-cryptocurrency-hack/ https://www.zdnet.com/article/poly-network-hackers-potentially-stole-610-million-is-bitcoin-still-safe/ https://twitter.com/PolyNetwork2/status/1425130017546149891 https://www.reuters.com/technology/how-hackers-stole-613-million-crypto-tokens-poly-network-2021-08-12/ https://twitter.com/PolyNetwork2/status/1425123153009803267/photo/1 https://twitter.com/PolyNetwork2/status/1425870262067548163/photo/1 https://www.bbc.com/news/business-58193396 https://cointelegraph.com/news/poly-network-hacker-returns-258m-conducts-ama-on-how-it-went-down PrintNightmare:  https://www.bleepingcomputer.com/news/microsoft/microsoft-fixes-windows-print-spooler-printnightmare-vulnerability/ https://www.zdnet.com/article/microsoft-fixes-windows-10-printnightmare-flaw-with-this-update/ https://www.bleepingcomputer.com/news/microsoft/microsoft-confirms-another-windows-print-spooler-zero-day-bug/ https://twitter.com/gentilkiwi/status/1416429860566847490 https://www.bleepingcomputer.com/news/security/ransomware-gang-uses-printnightmare-to-breach-windows-servers/ https://blog.talosintelligence.com/2021/08/vice-society-ransomware-printnightmare.html T-Mobile Data:  https://www.vice.com/en/article/akg8wg/tmobile-investigating-customer-data-breach-100-million https://threatpost.com/t-mobile-investigates-100m-records/168689/ https://twitter.com/UnderTheBreach/status/1426923538099970050 https://www.cnet.com/tech/services-and-software/t-mobile-investigating-claim-of-stolen-personal-data-for-sale/ https://www.bleepingcomputer.com/news/security/hacker-claims-to-steal-data-of-100-million-t-mobile-customers/ -----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆ Our Site → https://www.hak5.org Shop →  http://hakshop.myshopify.com/ Subscribe → https://www.youtube.com/user/Hak5Darren?sub_confirmation=1 Support → https://www.patreon.com/threatwire Contact Us → http://www.twitter.com/hak5 Threat Wire RSS → https://shannonmorse.podbean.com/feed/ Threat Wire iTunes → https://itunes.apple.com/us/podcast/threat-wire/id1197048999 -----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆ ____________________________________________ Founded in 2005, Hak5's mission is to advance the InfoSec industry. We do this through our award winning educational podcasts, leading pentest gear, and inclusive community – where all hackers belong.

In today's podcast we cover four crucial cyber and technology topics, including: 1. Job scams used to launder/move bitcoin via bitcoin ATMs2. Trend Micro warns of actively exploited flaws in its Apex One product 3. Ransomware actors exploiting PrintNightMare 4. Microsoft advises there is new Print Spooler flaw I'd love feedback, feel free to send your comments and feedback to  | cyberandtechwithmike@gmail.com

On this week's episode of the podcast I cover a lot of highlights from HIMSS 2021, cover a lot of security news including some regarding Windows 365 plus much more! Reference Links: https://www.rorymon.com/blog/episode-189-himss-2021-highlights-patch-tuesday-news-new-print-spooler-issue-more/

Recorded 26th July 2021 Yes so we didn't record last week... sort of because it was hot and sticky (at least by UK standards), and we didn't feel like any stories really caught our interest... and well, we just weren't really feeling it I guess. Since then however quite a lot has happened (including Simon's shiny new M1 just being dead on Thursday morning...). But you can't keep a good podcast down for long – so here we are again - back in the saddle and ready to regale you with the stories of the last week or so... (Sorry if the sound is a bit different to usual, had to use a rather basic setup). GIVEAWAYS & OFFERS Glenn Fleishman's book Take Control of Securing Your Mac can be found at takecontrolbooks.com along with many other titles by him, Joe Kissell, Jeff Carlson and others. Steve at Geeks Corner has a podcast which is usually a 5-15 min show of his thoughts on tech. Also keep an eye on his site or follow him on Twitter @GeekCorner_uk to watch for regular giveaways. Why not come and join the Slack community? You can now just click on this Slackroom Link to sign up and join in the chatter! On this week's show: NICK RILEY @spligosh on Twitter very occasionally. Sometimes appears on Bart Busschots' Let's Talk Apple Sutton Park Circuit church worship on YouTube Nick's church stream videos – You Tube JAMES ORMISTON MacJim in the Slack Also on Flickr as Ormie (O) Has videos on Vimeo APPLE Feedback from Allister: FileVault doesn't store the password anywhere. There is a key stored somewhere which is encrypted with that password. When it asks for the password it tries to decrypt the key, then uses the key to decrypt the drive content. If that works you entered the correct password. If not, you didn't. That's why it takes a little while to fail if you get it wrong. Simon's dead M1 MBA... iCloud has another case of the Mondays – 9to5Mac Akamai DNS outage knocks many major websites and services offline – 9to5Mac Apple employees pen second letter asking for work-from-home options – AppleInsider Gurman: iPhone 13 event likely to be virtual as Apple delays return to work – 9to5Mac An iPhone 5s Won A Photography Award In 2021 – ÜberGizmo Tim Cook says Apple will donate to support flood relief efforts in Western Europe – 9to5Mac iOS 15 hidden features on iPhone: Here's what Apple didn't tell you – CNet Phone Remains Findable Even After Power Off in iOS 15 Beta 3 – iPhone in Canada iOS and Android Activations Now Split Evenly in the U.S., Research Shows – MacRumors Latest Safari Technology Preview contains updated tab bar design – AppleInsider YouTuber sends AirTag to Tim Cook, and Apple returns it with a letter – 9to5Mac If You Guys Are Really Us, What Number Are We Thinking Of? (No 69º F) – Daring Fireball Apple's threat to quit Britain over £5bn patent row – This is Money Apple Threatens to Leave UK Market Due to $7 Billion Patent Dispute – MacRumors TECHNOLOGY LG's rollable TV costs 50 times as much as a normal OLED – Ars Technica Arm's cheap and flexible plastic microchip could create an ‘internet of everything– The Verge A natively flexible 32-bit Arm microprocessor – Nature NASA successfully switches the Hubble to backup hardware – Ars Technica Retired NASA Engineers Return to Fix Hubble Telescope – Smithsonian Magazine SECURITY & PRIVACY An explosive spyware report shows limits of iOS, Android security – Ars Technica iOS security researcher Will Strafach agrees Apple can do more in combating NSO – 9to5Mac ProtonVPN's new macOS and iOS update helps bypass censorship – Reclaim The Net Introducing Email Protection: The easy way to block email trackers and hide your address – Duck Duck Go Security researchers uncover more Print Spooler vulnerabilities – IT Pro Shocking New Windows 10 Security Alert As Unpatched Bug Exposes Admin Passwords – Forbes Virulent Windows 'XLoader' malware is now on macOS – AppleInsider WORTH A CHIRP / ESSENTIAL TIPS ‎How to add lines and grids to your Notes on iOS and iPadOS – AppleInsider Essential Apple Recommended Services: All Things Secured – Online security made simple by Josh Summers. Pixel Privacy – a fabulous resource full of excellent articles and advice on how to protect yourself online. Doug.ee Blog for Andy J's security tips. Ghostery – protect yourself from trackers, scripts and ads while browsing. Simple Login – Email anonymisation and disposable emails for login/registering with 33mail.com – Never give out your real email address online again. AnonAddy – Disposable email addresses Sudo – get up to 9 “avatars” with email addresses, phone numbers and more to mask your online identity. Free for the first year and priced from $0.99 US / £2.50 UK per month thereafter... You get to keep 2 free avatars though. ProtonMail – end to end encrypted, open source, based in Switzerland. Prices start from FREE... what more can you ask? ProtonVPN – a VPN to go with it perhaps? Prices also starting from nothing! Comparitech DNS Leak Test – simple to use and understand VPN leak test. Fake Name Generator – so much more than names! Create whole identities (for free) with all the information you could ever need. Wire and on the App Stores – free for personal use, open source and end to end encryted messenger and VoIP. Pinecast – a fabulous podcast hosting service with costs that start from nothing. Essential Apple is not affiliated with or paid to promote any of these services... We recommend services that we use ourselves and feel are either unique or outstanding in their field, or in some cases are just the best value for money in our opinion. Social Media and Slack You can follow us on: Twitter / Slack / EssentialApple.com / Soundcloud / Spotify / Facebook / Pinecast Also a big SHOUT OUT to the members of the Slack room without whom we wouldn't have half the stories we actually do – we thank you all for your contributions and engagement. You can always help us out with a few pennies by using our Amazon Affiliate Link so we get a tiny kickback on anything you buy after using it. If you really like the show that much and would like to make a regular donation then please consider joining our Patreon or using the Pinecast Tips Jar (which accepts one off or regular donations) And a HUGE thank you to the patrons who already do. Dead M1, Next Safari, PlasticARM, Pegasus Spyware, XLoader Support The Essential Apple Podcast by contributing to their Tip Jar: https://tips.pinecast.com/jar/essential-apple-show This podcast is powered by Pinecast.

This week we discuss the seemingly never ending Nightmare of the Windows print exploit dubbed, PrintNightmare, and also answer the question: Is the Google assistant spying on me? Support US: Donations - https://simplecyberdefense.com/Donate Connect with US: Facebook - https://www.facebook.com/SimpleCyberDefense/ Twitter - https://twitter.com/SimCyberDefense MeWe - https://mewe.com/join/simplecyberdefense Mastodon - https://mastodon.social/@SimpleCyberDefense Minds - https://mastodon.social/@SimpleCyberDefense LBRY - https://lbry.tv/@SimpleCyberDefense LinkedIn - https://www.linkedin.com/groups/12488483/ Rumble - https://rumble.com/c/c-406535 PeerTube - https://worldofvids.com/video-channels/simple_cyber_defenese/videos YouTube - https://www.youtube.com/channel/UCF1IvGkxa4qz-jsJg70884Q Intro: Film Glitch by Snowflake (c) copyright 2017 Licensed under a Creative Commons Attribution Noncommercial (3.0) license. http://dig.ccmixter.org/files/snowflake/56350 Ft: reusenoise Links: Microsoft warns of Windows ‘PrintNightmare' vulnerability that's being actively exploited - https://www.theverge.com/2021/7/2/22560435/microsoft-printnightmare-windows-print-spooler-service-vulnerability-exploit-0-day Microsoft issues urgent security warning: Update your PC immediately - https://www.cnn.com/2021/07/07/tech/microsoft-security-update/ Microsoft Suggests Disabling Windows Print Spooler After New Bug Discovered - https://redmondmag.com/articles/2021/07/16/disable-windows-print-spooler.aspx Disabling and reenabling Print Spooler to mitigating against PrintNightmare - https://simplecyberdefense.com/blog/2021/07/18/disabling-and-reenabling-print-spooler-to-mitigating-against-printnightmare/ Google reportedly admits that Assistant sometimes records your audio secretly - https://www.androidauthority.com/google-assistant-secret-recording-1637045/ The Librem 5 Phone - https://puri.sm/products/librem-5/ Manage audio recordings in your Web & App Activity - https://support.google.com/websearch/answer/6030020 --- Support this podcast: https://anchor.fm/simplecyberdefense/support

Another new vulnerability has been published for Windows, this time imapcting the Print Spooler. This vulnerability is an elevated privilege one and needs to be dealt with now. How to disable it In Windows Search bar type - services.msc Scroll to Print Spooler and double click. Change Startup Type to Manual or Disabled, then hit Stop. Be aware, be safe. Don't forget to vote for Security In Five Podcast Awards - https://www.podcastawards.com/app/signup Get ExpressVPN, Secure Your Privacy And Support The Show Become A Patron! Patreon Page *** Support the podcast with a cup of coffee *** - Ko-Fi Security In Five —————— Where you can find Security In Five —————— Security In Five Reddit Channel r/SecurityInFive Binary Blogger Website Security In Five Website Security In Five Podcast Page - Podcast RSS Twitter @securityinfive iTunes, YouTube, TuneIn, iHeartRadio,

Hello guys! The fourth episode of Last Week's Security news, July 12 – July 18. Watch the video version of this episode on my YouTube channel. Read the full text of this episode with all links on avleonov.com blog.

UNA VULNERABILIDAD CRÍTICA LLAMADA PRINTNIGHTMARE HA OBLIGADO A MICROSOFT A PARCHEAR HASTA WINDOWS 7 Fuente: Gizmodo https://es.gizmodo.com/una-vulnerabilidad-critica-llamada-printnightmare-ha-ob-1847242206 Microsoft acaba de lanzar una actualización de seguridad que soluciona un fallo crítico. El error en cuestión se llama “Windows Print Spooler Code Execution Vulnerability” y afecta a todas las versiones de Windows recientes e incluso a algunas antiguas como Windows 8 o 7 para las que la compañía también ha lanzado una actualización de manera excepcional. El parche previene una vulnerabilidad del servicio de impresión Windows Print Spooler que permite a terceros la ejecución de archivos en modo administrador. En otras palabras, un atacante que logre explotar el fallo podría instalar todo tipo de software, ver cambiar o borrar datos y hasta crear nuevas cuentas de administrador. No es casualidad que el fallo se haya bautizado con el pseudónimo PrintNightmare. El servicio Print Spooler funciona por defecto en Windows, así que la compañía ha preparado actualizaciones de seguridad para Windows. Si tienes alguna versión de Windows ya debería estar actualizada o a punto de hacerlo. SAMSUNG ES EL PRÓXIMO GIGANTE TECNOLÓGICO EN PERSEGUIR A IMPORTANTES FILTRADORES Fuente: Android Authority https://www.androidauthority.com/samsung-crackdown-on-leak-sources-1640232/ Apple no es el único peso pesado de la tecnología que elimina a aquellos que filtran sus cosas. Como han señalado los usuarios de Reddit, el filtrador AllAboutSamsung advirtió que Samsung está utilizando reclamos de derechos de autor para eliminar imágenes y videos de proveedores de filtraciones. Algunas de las imágenes desaparecerán en unos días, y, según los informes, esto fue "solo el comienzo". Otros filtradores sugirieron que eliminarían publicaciones que tengan material de Samsung. Se enfatizó que Samsung solo perseguía a los proveedores originales, no a los medios de comunicación que informaban sobre esas filtraciones. Entonces, no verá que la cobertura de fugas de Samsung de ciertas revistas digitales desaparezcan repentinamente. Xiaomi también ha tomado medidas drásticas contra las filtraciones en los últimos días. Movimientos como este no son sorprendentes. Las fugas suelen ser violaciones de la confidencialidad de la empresa. Por definición, los filtradores precisos están compartiendo material sin permiso. Y si bien es tentador afirmar que Samsung se beneficia cada vez que surge una fuga, podría argumentar que roban el trueno de los eventos e incluso reducen las ventas. Si la represión de las fugas de Samsung tiene o no un gran efecto en la práctica, podría ser otro asunto. Las filtraciones tienden a extenderse rápidamente, después de todo, y es posible que no lleve mucho tiempo difundir fotos espía y tomas de prensa mientras se eliminan las publicaciones de origen. --- Send in a voice message: https://anchor.fm/elgordocircuito/message

There's a lot to cover in this week's episode, so brace yourself because we've got newsflashes and stone-cold facts flying your way.  First up, despite what Chris thinks, people do still use printers. Now, researchers in China have found (and accidentally disclosed) a critical Windows zero-day affecting Print Spooler. Cue much printer hate, as well as some actually useful insights into what has occurred.  Next on the agenda, we take a look at the HSE Ireland ransomware attack, with a special focus on what the heck has been going on with Virus Total. Also coming up is the somewhat intriguing “fact” that the USA is the most cyber-secure nation in the world.  And it wouldn't be an episode of Cyber Humanity without a juicy ‘hackers could' feature starting with a NEWSFLASH! Homes filled with smart devices could be exposed to hundreds of hacking attempts a WEEK. To which we say: no sh*t, Sherlock. *** https://www.infosecurity-magazine.com/news/printnightmare-zero-day/ (https://www.infosecurity-magazine.com/news/printnightmare-zero-day/) https://www.theregister.com/2021/06/30/america_global_cyber_security_index_2020/ (https://www.theregister.com/2021/06/30/america_global_cyber_security_index_2020) https://www.bleepingcomputer.com/news/security/microsoft-finds-netgear-router-bugs-enabling-corporate-breaches/ (https://www.bleepingcomputer.com/news/security/microsoft-finds-netgear-router-bugs-enabling-corporate-breaches/) https://www.bleepingcomputer.com/news/security/virustotal-ordered-to-reveal-private-info-of-stolen-hse-data-downloaders/ (https://www.bleepingcomputer.com/news/security/virustotal-ordered-to-reveal-private-info-of-stolen-hse-data-downloaders/)

Print Spooler printnightmare Update https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-34527 https://doublepulsar.com/zero-day-for-every-supported-windows-os-version-in-the-wild-printnightmare-b3fdb82f840c https://blog.truesec.com/2021/06/30/fix-for-printnightmare-cve-2021-1675-exploit-to-keep-your-print-servers-running-while-a-patch-is-not-available/ https://github.com/LaresLLC/CVE-2021-1675

Print Spooler printnightmare Update https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-34527 https://doublepulsar.com/zero-day-for-every-supported-windows-os-version-in-the-wild-printnightmare-b3fdb82f840c https://blog.truesec.com/2021/06/30/fix-for-printnightmare-cve-2021-1675-exploit-to-keep-your-print-servers-running-while-a-patch-is-not-available/ https://github.com/LaresLLC/CVE-2021-1675

Extending Android Device Compatibility for Let's Encrypt Certificates https://letsencrypt.org/2020/12/21/extending-android-compatibility.html Insufficient Patch for Windows 8.1/10 Print Spooler https://bugs.chromium.org/p/project-zero/issues/detail?id=2096 Google Docs Vulnerability https://savebreach.com/stealing-private-documents-through-a-google-docs-bug/ CCC Conferences Virtual https://streaming.media.ccc.de/rc3