Regulators are ready to enforce new state data privacy laws. Here's how experts say organizations can stay compliant and avoid penalties.

Source: EThamPhoto via Alamy Stock Photo

If you get a call from John Eakins at the Delaware Attorney General's office, you've already filed a data breach notice with the state, so you know there's a problem. What information security teams do next could mean the difference between getting slapped with a hefty fine or getting off with a warning, along with your reputation intact.

Delaware Deputy Attorney General Eakins is in charge of enforcing the new state regulations under the Delaware Personal Data Privacy Act (DPDPA), first passed by lawmakers in 2023 and just coming into effect on Jan. 1. He says organizations operating in Delaware should expect a call from his office after reporting a major breach. Then he is going to want to drill down on two specific criteria: the harm caused and whether it can be fixed.

"They should expect to be asked to provide information about the breach, an assessment of the harm caused, and the sensitivity of the data that was breached," Eakins tells Dark Reading. But that doesn't necessarily mean enforcement is imminent, he adds. Companies are offered what's known as a "right to cure," in Delaware along with many other states, meaning if the error that led to the breach can get fixed within a range of 30 to 60 days, the company won't be penalized.

That's where it becomes critical for organizations and their data security teams to have a "story to tell," according to Andreas Kaltsounis, an attorney and partner with BakerHostetler, who works with data privacy regulators on behalf of clients.

**State Privacy Laws, Enforcement on the Rise**

Twenty states, including Delaware, have passed data privacy regulations as of 2025, but these new laws aren't really necessary for states to levy penalties for data breaches, Kaltsounis points out. Federal law could be used in many of these instances, half the states already have information security requirements on the books, and nearly all the states have some form of an "unfair, deceptive, and abusive practices" (UDAP) law, which could also be used as enforcement mechanisms for many data breach instances, he adds.

What new privacy legislation has done for regulators isn't so much putting rules on the books — it's allocating more money toward enforcing lax data privacy among organizations, including money to hire in-house expertise. Pair that with federal deregulation under the Trump administration, and states are in a prime position to fill the gap.

Each state is picking its own lane.

Texas, for its part, is going after connected car data, filing suit against General Motors and, more recently, insurance company Allstate for collecting consumer data without complying with the new Texas Data Privacy Act (TDPSA). The Texas AG alleges the insurer was paying developers of other apps, including Life360, to incorporate secret embedded software to collect cell phone location data on Texans and then use that information to justify insurance rate hikes.

New York Attorney General Letitia James also recently fined companies, including one distributing a line of insecure home security video systems ($450,000), GEICO and Travelers insurance companies for failing to protect data ($11.3 million), and Capital Regions healthcare provider ($2.25 million) for failing to protect medical data. In December, New York Gov. Kathy Hochul expanded the AG's oversight of the cybersecurity of financial services. New York's primary enforcement efforts have been trained on the sizable financial services companies operating in its jurisdiction.

Delaware will be focused on the abuse of geolocational data and the data security of emerging artificial intelligence (AI) technologies, Delaware's deputy AG Eakins says.

Despite the flurry of press releases, consumer advocates like the Electronic Frontier Foundation's associate director of legislative advocacy, Hayley Tsukayama, say every state should be doing much more to protect consumer data. Tsukayama points to business-friendly loopholes like the "right to cure" offered by regulators, including those in Delaware, as a "get out of jail free card," and would like to see more pressure on companies to protect sensitive data before it's too late.

The Electronic Privacy Information Center (EPIC) is likewise unimpressed overall with state efforts on data privacy. In its recent "State of the Privacy" report, EPIC said new state laws, "...fail to protect consumers." Of the 19 states that have passed consumer privacy legislation packages, nearly half got F grades from EPIC; only California got a B, and no state received an A.

Chronic underfunding has bogged down enforcement efforts, Tsukayama says. But that's all about to change.

Delaware deputy AG Eakins said his office received a boost in funding along with the DPDPA and his office now has a full-time computer scientist to help lend expertise to their investigations. Many other states have followed suit, allocating bigger budgets for data privacy oversight along with new compliance requirements.

**Get Your Data Privacy Story Right, Now**

Attorney Kaltsounis says regulators are busy; in his experience, organizations with a compelling "story to tell" are going to be far better positioned to avoid penalties. That means being able to demonstrate how the organization was taking information security seriously well before the breach. He recommends a good old-fashioned data audit, purging anything sitting on an old server that isn't needed anymore. Then organizations need to double down on collecting only the data they absolutely need for the shortest period of time possible.

"They both need to be done," Kaltsounis advises.

Enterprises should treat this new regulatory environment at the state level as an opportunity to incorporate data privacy as a foundational principle of the business, according to Ryan Edge, director of strategy, privacy, and data governance with OneTrust, a data privacy services provider.

"One thing is for sure — data privacy is not going away," Edge says. "There are more than a dozen US state privacy laws in effect today. It can seem daunting, but it doesn't need to be. Companies don't have to reinvent the wheel for each law. By operationalizing data privacy, they can see benefits beyond compliance, like minimizing risk, driving data quality, and building trust with consumers."

Organizations should develop a strategy that includes data mapping, privacy impact assessments, and privacy engineering to understand how data is being used. This would help define policies such as how long data is kept, how it is protected, and how it is disposed when no longer needed.

When it comes to how the Delaware AG's office will determine where data privacy penalties are appropriate, Eakins says the state's $52 million settlement reached with Marriott for the company's lack of "providing reasonable security" is a strong starting framework. Baseline technical requirements established out of the multistate Marriott settlement include having a comprehensive information security program in place, minimizing the amount of data collected with disposal requirements and supply chain oversight. That's a good place for organizations to start.

Moving forward, Kaltsounis expects to see a "friendly competition" emerge among states to demonstrate the strongest data protection stance on behalf of their citizens. Staffed-up offices of state regulators armed with a mandate and fresh budgets are likely to start becoming a standard fixture in the aftermath of a data breach.

When they call, what story will you have to tell them?

State Data Privacy Regulators Are Coming. What Story Will You Tell Them?

The deal, expected to close this quarter, will give Tenable One Exposure Management much-needed integration with over 100 third-party security tools and platforms.

Source: Maxiphoto via iStock Photo

Tenable is poised to fill significant gaps in its exposure management platform with its agreement to acquire Vulcan Cyber.

Tenable said it was the first vendor to add exposure management to its vulnerability management platform when it launched the Tenable One Exposure Management Platform in 2022. However, Tenable's exposure management has lacked the ability to share telemetry with IT and security tools from other vendors. This is where Vulcan Cyber's exposure management offering, which can integrate with more than 100 third-party security tools, can make a difference for Tenable.

"This will give organizations the ability to have insights across the attack surface, not just what you point at Tenable but also that third-party data," says Tenable senior VP of products Jason Merrick. "At the end of the day, our focus here is helping organizations move as they're progressing from vulnerability management to exposure management and then gaining that context where they can make better decisions."

**Adding Exposure Management to Vulnerability Management**

Unlike vulnerability management offerings that are designed to discover, assess, prioritize, and mitigate threats in IT assets, exposure management considers an organization's cybersecurity posture and performs risk assessment.

Several Tenable rivals also offer exposure management as part of their product portfolios. For example, CrowdStrike added Exposure Management to its Falcon XDR platform in 2023, and Microsoft recently added exposure management to Microsoft Defender, which notably includes third-party connectors. On the same day Tenable announced its Vulcan Cyber plans, exposure management platform provider CYE acquired Solvo.

Omdia analyst Andrew Braunberg believes Vulcan Cyber will bring needed features to Tenable One that its rivals are now touting.

"While Tenable has been talking about exposure management for as long as anyone, it still often has the feel of an old legacy vulnerability management company," Braunberg says. "Vulcan has always seen exposure management as where the market was headed and has taken an impressively open approach to pulling in asset and exposure data and working to broadly support remediation, orchestration, and automation."

Tenable's Merrick acknowledges that Microsoft's licensing model with its M365 E3 and E5 plans give Microsoft an advantage.

"They can throw a lot of free stuff at this, and there are many organizations that are Microsoft-only shops," he says. "CrowdStrike, too, is growing and expanding. But I also think that this is an opportunity for Tenable to differentiate, to continue being that source of truth, to provide better analytic capability, and to tie these things together. Because at the end of the day, this forces us, from a product standpoint, to continue to innovate and deliver new capabilities."

Organizations are only beginning to expand their focus on vulnerability management to include exposure management, Merrick adds.

"I think we're in the first inning of exposure management," he says. "More and more, organizations are starting to talk about this."

The deal, announced on Wednesday, calls for Tenable to pay $147 million in cash and $3 million in restricted stock to Vulcan Cyber. While Merrick is unable to discuss specific integration plans before the deal closes, which the company anticipates will take place this quarter, the 100-plus connectors to third-party systems were a key impetus for the deal.

"We have always been envisioning being able to ingest third-party data into our exposure management platform like we've done with our vulnerability management solution," he says. "We've already built the data model specifically to accept and bring in third-party data. So we want to be able to go and fast-track that. Once we close, this is going to be the big focus for us in 2025."

**About the Author**

Contributing Writer

Jeffrey Schwartz is a journalist who has covered information security and all forms of business and enterprise IT, including client computing, data center and cloud infrastructure, and application development for more than 30 years. Jeff is a regular contributor to Channel Futures. Previously, he was editor-in-chief of Redmond magazine and contributed to its sister titles Redmond Channel Partner, Application Development Trends, and Virtualization Review. Earlier, he held editorial roles with CommunicationsWeek, InternetWeek, and VARBusiness. Jeff is based in the New York City suburb of Long Island.

Tenable to Acquire Vulcan Cyber to Boost Exposure Management Focus

Nine application security toolmakers band together to fork the popular Semgrep code-scanning project, touching off a controversy over access to features and fairness.

Source: TippaPatt via Shutterstock

A group of nine application security service providers announced they would "fork" the popular code-scanning project Semgrep, creating a new codebase, after a series of moves by the eponymous startup made it more difficult for the firms to use the open source software in their own products.

The companies — Aikido Security, Arnica, Amplify Security, Endor Labs, Jit, Kodem, Legit Security, Mobb, and Orca Security — embarked on the initiative after Semgrep announced it had moved some capabilities of its open source engine into the startup's paid version. Dubbed Opengrep, the new project remains under the same license as the Semgrep Community Edition — the Lesser GNU Public License (LGPL) — but will restore advanced features and the ability to export data in JSON and SARIF formats, as well as create an open source database of rules.

The Opengrep initiative is intended to create a neutral open source project that is not owned by a single company and can be improved to suit the needs of enterprise users and the group of companies behind the project, says Varun Badhwar, CEO and co-founder of software supply chain security firm Endor Labs, one of the companies sponsoring Opengrep.

"We are all collectively funding this right now, but once we stabilize the project, our goal is to turn it over to the right community ... we don't want to — as vendors — own this long term," he says. "This is an interim step for us — to create something that is owned by multiple parties and not a single vendor \[that\] can overnight decide to make a change."

The triggering event for the open source split came on Dec. 13, when Semgrep outlined changes it had made to seemingly small — but nevertheless important — features. The company sought to further delineate its Pro version from the open source project by renaming the latter to the "Community Edition," clarifying that the license allowed only internal use of its ruleset and removing the ability of the Community Edition to export certain fields in common output formats, such as JSON and the Static Analysis Results Interchange Format (SARIF).

Essentially, the firm has pursued an open core model, where the core engine is made public using an open source license, but more advanced features are made proprietary.

"I feel that we've clarified what belongs in a Unix-style, open source tool for security practitioners versus what makes sense in a commercial platform," says Luke O'Malley, chief product officer and founder at Semgrep. "Features like platform-focused fingerprinting go beyond CE's core mission. As maintainers, we ask ourselves: Would the majority of the community see this as fair? That principle broadly guides what stays in CE and what is in our commercial offering."

**Freeloading and a Growing Gap**

The creation of the Opengrep project has created a kerfuffle among some application security specialists, with some criticizing the companies for forking, rather than financing, Semgrep's open source core. In many ways, it's part of a playbook where venture-backed companies use an open source project to launch their own products, argued application security specialist Mark Curphey, in a Jan. 29 column.

"\[W\]hy on earth would anyone fork a successful open-source security project with a vibrant community?," he said. "There are a lot of free-loaders in the world of software, companies who build on other peoples hard work, and that don't fairly contribute back to the projects that they are making money off. It's perfectly legal as long as they stay within the license terms, and sadly a fact of life."

He pointed to another application security project — the open source Zed Attack Proxy (ZAP) used for dynamic application security testing (DAST) — which suffered similar commercial issues during its development, struggling to fund the maintainers of the project, even though "over a dozen commercial DAST services" used the open source codebase as the basis of their products. Application security firm Checkmarx ended up hiring all three ZAP maintainers and committed to funding the project, which formed the foundation of its own DAST solution.

In Curphey's mind, Semgrep's efforts have been taken advantage of.

"I think open source funding is incredibly complex, but this doesn't feel right, and it feels hypocritical to me for these companies to be doing this," he told Dark Reading in an interview.

**More Features for Opengrep?**

Endor Labs' Badhwar, however, argues that Opengrep will be a more feature-rich version of the code-scanning engine because Semgrep had slowly created a gap between its professional AppSec Platform and its open source engine — a common practice among companies that create open core technologies.

The creation of the Community Edition and the removal of some "experimental" features that the Opengrep companies considered valuable caused alarm among the commercial vendors who used the Semgrep engine as part of their service offerings, says Badhwar.

"There are several examples where the community tried to contribute things that would close the gaps in the open source version of Semgrep ... that the maintainers of the engine were choosing not to necessarily accept and include," he says. "I think it was becoming very clear ... that Semgrep's biggest competitor was their own open source engine, and so they were trying to create a bigger gap."

Opengrep has already financed two software engineers to work on the project and will discuss a road map during a Feb. 20 meeting.

This tension has played out with other open source projects as well. The open source search engine Elasticsearch, for example, had been developed as an open core project, but Elastic shifted the license in January 2021 to restrict managed service providers from using the software as the basis of their services. The same month, a group of Amazon Web Services engineers created a fork, OpenSearch, to give the community the ability to use an open version.

In Semgrep's case, founder O'Malley argues that the company has an incentive to keep the Community Edition well-maintained and strong, while the Opengrep team has not demonstrated their product will be an improvement. Two parallel projects is never ideal, he says.

"Multiple forks can create confusion, making it harder for individuals to know where to contribute and what’s actively maintained," O'Malley says. "That’s always a risk with fragmentation in open source. Our priority is keeping Semgrep CE strong, well-maintained, and growing. Developers and security engineers relying on it should feel confident that we're committed to its long-term success and a thriving ecosystem."

**About the Author**

Veteran technology journalist of more than 20 years. Former research engineer. Written for more than two dozen publications, including CNET News.com, Dark Reading, MIT's Technology Review, Popular Science, and Wired News. Five awards for journalism, including Best Deadline Journalism (Online) in 2003 for coverage of the Blaster worm. Crunches numbers on various trends using Python and R. Recent reports include analyses of the shortage in cybersecurity workers and annual vulnerability trends.

Code-Scanning Tool's License at Heart of Security Breakup

The Cyber Trust Mark has the potential to change how we define and measure security at the endpoint level. But potential isn't enough.

Source: Wavebreakmedia Ltd FUS1507-1 via Alamy Stock Photo

COMMENTARY

In the chaotic world of cybersecurity, where attackers innovate faster than we can patch and secure endpoints, trust often feels like a mirage. Between deciphering new attack patterns and troubleshooting operational headaches, I can't help but wonder: How can we rebuild endpoint trust in an era of AI-driven attacks and hybrid work environments?

The Cyber Trust Mark, a recently proposed initiative to label trustworthy devices, claims to offer clarity and build consumer and corporate confidence in this digital chaos. But will it stand the test of enterprise realities, or will it join the graveyard of good ideas that failed to scale? I believe it has potential — but only if paired with actionable AI-driven insights and dynamic enforcement.

**AI: Savior of Cybersecurity or Saboteur?**

AI tools have been a game changer for cybersecurity. They can autonomously detect anomalies, triage vulnerabilities at scale, and even predict attack vectors. A 2023 study by the MIT Technology Review Insights revealed that 62% of security leaders are leveraging AI to speed up decision-making in threat detection. From my vantage point, tools like these are indispensable — particularly when dealing with sprawling endpoint ecosystems.

However, there's a darker side to AI. A 2023 report by ISACA underscores how attackers are weaponizing AI to create polymorphic malware and bypass traditional security controls. AI is only as good as the data it's trained on, and enterprise data environments are far from perfect. According to the article "Understanding and Avoiding AI Failures: A Practical Guide" by Robert Williams and Roman Yampolskiy, published in Philosophies, AI often fails in environments with noisy or incomplete data, resulting in false positives that drain security team resources. This duality — AI as both defender and enabler of threats — is precisely why human oversight remains irreplaceable in endpoint management.

**The Cyber Trust Mark: Promising or Hollow?**

The Cyber Trust Mark, proposed by the Federal Communications Commission (FCC), aims to provide a transparent labeling system for secure devices — like an energy efficiency rating but for cybersecurity. According to an analysis by the National Institute of Standards and Technology (NIST), this initiative could bridge the gap between manufacturers and enterprises, offering a clear standard for endpoint security. In theory, this framework should make it easier for vulnerability analysts like me to prioritize risk, focus remediation efforts, and communicate effectively with stakeholders.

But here's my concern: Standards are only as effective as their enforcement. The article "Role of Advanced Cybersecurity Frameworks in Safeguarding Data Integrity and Consumer Trust in Digital Commerce and Enterprise Systems," published on ResearchGate, warns of the dangers of static certifications, which can quickly become outdated in a dynamic threat landscape. To be meaningful, the Cyber Trust Mark must go beyond static labeling. It must adapt in real-time, factoring in telemetry data and ongoing compliance audits. Otherwise, it risks becoming another checkbox exercise in an industry already overrun with compliance fatigue.

**Lessons From the Endpoint Trenches**

Let me paint a picture from my own experience. Recently, while managing endpoint vulnerabilities for a critical application, I encountered a legacy system — a dinosaur in tech terms. AI-driven tools flagged it as "secure" because it met basic encryption standards, but manual analysis revealed vulnerabilities in its outdated protocols. This is a recurring theme in VM: Tools can't handle nuance, and legacy systems refuse to die. A similar fate could await the Cyber Trust Mark if it fails to address the messy realities of enterprise environments.

So how do we avoid this? I propose the following:

1.  AI-augmented oversight: AI can provide baselines, but human analysts must validate its findings. Studies from Carnegie Mellon University confirm that a hybrid approach reduces false positives by 30% and could provide deeper insights.
    
2.  Dynamic trust scoring: The Cyber Trust Mark should evolve based on real-time telemetry.
    
3.  Collaboration across ecosystems: Public-private partnerships are essential to make the Cyber Trust Mark universally meaningful. The World Economic Forum's 2023 cybersecurity framework emphasizes how global standards succeed only when multiple stakeholders align on enforcement and data sharing.
    

**The Cyber Trust Mark Needs to Be More Than a Marketing Label**

The Cyber Trust Mark has the potential to change how we define and measure security at the endpoint level. But potential isn't enough. If this initiative is going to work, it needs teeth: dynamic scoring, transparent enforcement, and continuous oversight. AI can be a powerful ally, but we can't rely on it alone. The human element — our judgment, our experience, our ability to see through the cracks — is what ultimately will determine the success of this framework.

Here's what I'd like to see: a Cyber Trust Mark that isn't afraid to fail fast and learn faster. A system that acknowledges the imperfect trial-and-error nature of enterprise security. And most importantly, a trust framework that doesn't just label endpoints as "secure," but tells us why they're secure — and for how long.

**Call to Action: Rebuilding Trust Together**

Security professionals, developers, vendors, policymakers — we all have a stake in making this work. As someone on the frontlines of endpoint management, I challenge you to weigh in: What does trust mean to you, and how do we operate it in a rapidly evolving threat landscape? Let's not just label trust — let's build it.

**About the Author**

Security Specialist, IBM

Chris "CT" Thomas currently is security specialist for IBM. Starting his career in healthcare technology, he developed a strong foundation in protecting critical systems and sensitive data. As an email security specialist, he expanded my expertise in defending communication channels against evolving threats. At IBM, he sharpened his skills in vulnerability management, focusing on identifying and mitigating risks to secure enterprise systems. Curiosity drives his work in cybersecurity — he is passionate about breaking down complex systems to understand and improve them. His current focus is on VM, AI, and disaster recovery for AI systems and endpoints, ensuring resilience and security in dynamic environments. When he's not tackling cybersecurity challenges, you’ll find him running or enjoying a great slice of pizza.

Can AI &amp; the Cyber Trust Mark Rebuild Endpoint Confidence?

No ransomware groups have yet to claim responsibility for either attack, and both institutions have yet to reveal what may have been stolen.

Source: NicoElNino via Alamy Stock Photo

Two healthcare institutions, Frederick Health and New York Blood Center Enterprises (NYBCe), are grappling with disruptions from separate ransomware attacks they faced this past week.

Frederick Health posted an update to its website on Jan. 27 noting that it "recently identified a ransomware event" and is working to contain it with third-party cybersecurity experts to get its systems back online.

Though most of its facilities remain open and are still providing patient care, Frederick Health reported that its Village Laboratory is closed and that patients may experience some operational delays.

New York Blood Center Enterprises, a nonprofit made up of a collection of independent blood centers, first identified suspicious activity affecting its IT systems on Jan. 26. On Jan. 29, it alerted the public that it took its systems offline in an effort to contain the threat, which was attributed to a ransomware attack. NYBCe is working to restore its systems; however, it remains unclear when it will be fully operational again. The organization expects processing times for blood donations at its centers and offsite blood drives may take longer than usual.

Neither institutions has released any information regarding who breached them or if any information was stolen; no ransomware groups have yet to take responsibility for the attacks.

**A Never-Ending List**

Ransomware attacks have become a harsh reality in healthcare. Unlike other industrial sectors that face similar threats, it's not just reputational damage or financial strain — in the medical field it's patients' lives at stake.

According to a 2024 Microsoft study, nearly 400 US healthcare organizations were infected with ransomware, with the average reported payment as high as $4.4 million. The downtime these facilities experience while getting back on their feet can cost up to $900,000. 

Healthcare institutions offer a plethora of information and data types, ranging from medical records to financial details, and a variety of personally identifiable information.

"Many healthcare organizations operate with limited cybersecurity funding and staffing, prioritizing patient care over IT security investments," Heath Renfrow, co-founder of Fenix24, tells Dark Reading. "The vast number of endpoints, third-party vendors, and interconnected systems create a broad attack surface, while the inability to routinely take systems offline for maintenance exacerbates vulnerabilities."

And when threat actors do decide to breach these healthcare organizations' networks, they steal this information, holding it for ransom while knowing that their efforts will pay off because these healthcare systems have everything to lose. For them, these malicious events only add to the intensity of the life-and-death situations they experience every day.

Ultimately, this is why the reported ransom payments are often so high, since healthcare institutions have a known track record for their willingness to pay bad actors whatever's necessary in order to get their patients the care they need.

**Strategizing Against Wayward Morals**

Combating the ransomware scourge has tested lots of organizations and security professionals. The ransomware groups have shown themselves adept at evolving their use of technology to circumvent new fixes; their business models are constantly evolving with affiliates, commissions, and even referral programs.

"Some ransomware groups claim to have ethical boundaries, stating they won't target hospitals, but history has shown that these promises are often empty, with critical care facilities still falling victim," Renfrow says. "On the other side, healthcare organizations have an ethical duty to protect patient data and ensure operational resilience. However, constrained budgets and competing priorities often force tough decisions between investing in cybersecurity and funding direct patient care."

But changes must be made to cybersecurity practices in the healthcare industry if patient care is going to prevail in the long run.

In May 2024, the Advanced Research Projects Agency for Health (ARPA-H), a funding agency created by the Biden administration, committed $50 million to help create software for making hospitals more cyber resilient.

The program, called Universal Patching and Remediation for Autonomous Defense (Upgrade), is focused on areas such as vulnerability management, auto-detection, defense, and more, and seeks to bring together hospital IT staff, equipment managers, and cybersecurity experts to uncover cybersecurity vulnerabilities.

And even the Department of Health and Human Services (HHS) saw the importance of bolstering healthcare cybersecurity programs after a United Healthcare subsidiary was targeted by the BlackCat ransomware group early last year, leading to disarray and outages in what was one of the worst breaches the healthcare sector has ever seen.

As for what healthcare institutions themselves can do, Renfrow says that "immutable backups with guaranteed return-to-operations (RTO) must be their top priority — not just assumed, but tested and proven" as this "ensures that when — not if — an attack happens, healthcare organizations can restore operations immediately, without disruption, without ransom."

"In today's world," he says, "true resilience is the only security guarantee."

Healthcare Sector Charts 2 More Ransomware Attacks

Whether by intercepting its traffic or just giving it a little nudge, GitHub's AI assistant can be made to do malicious things it isn't supposed to.

Source: Mykhailo Polenok via Alamy Stock Photo

Researchers have discovered two new ways to manipulate GitHub's artificial intelligence (AI) coding assistant, Copilot, enabling the ability to bypass security restrictions and subscription fees, train malicious models, and more.

The first trick involves embedding chat interactions inside of Copilot code, taking advantage of the AI's instinct to be helpful in order to get it to produce malicious outputs. The second method focuses on rerouting Copilot through a proxy server in order to communicate directly with the OpenAI models it integrates with.

Researchers from Apex deem these issues vulnerabilities. GitHub disagrees, characterizing them as "off-topic chat responses," and an "abuse issue," respectively. In response to an inquiry from Dark Reading, GitHub wrote, "We continue to improve on safety measures in place to prevent harmful and offensive outputs as part of our responsible AI development. Furthermore, we continue to invest in opportunities to prevent abuse, such as the one described in Issue 2, to ensure the intended use of our products."

**Jailbreaking GitHub Copilot**

"Copilot tries as best as it can to help you write code, \[including\] everything you write inside a code file," Fufu Shpigelman, vulnerability researcher at Apex explains. "But in a code file, you can also write a conversation between a user and an assistant."

In the screenshot below, for example, a developer embeds within their code a chatbot prompt, from the perspective of an end user. The prompt carries ill intent, asking Copilot to write a keylogger. In response, Copilot suggests a safe output denying the request:

Source: Apex

The developer, however, is in full control over this environment. They can simply delete Copilot's autocomplete response, and replace it with a malicious one.

Or, better yet, they can influence Copilot with a simple nudge. As Shpigelman notes, "It's designed to complete meaningful sentences. So if I delete the sentence 'Sorry, I can't assist with that,' and replace it with the word 'Sure,' it tries to think of how to complete a sentence that starts with the word 'Sure.' And then it helps you with your malicious activity as much as you want." In other words, getting Copilot to write a keylogger in this context is as simple as gaslighting it into thinking it wants to.

Source: Apex

A developer could use this trick to generate malware, or malicious outputs of other kinds, like instructions on how to engineer a bioweapon. Or, perhaps, they could use Copilot to embed these sorts of malicious behaviors into their own chatbot, then distribute it to the public.

**Breaking Out of Copilot Using a Proxy**

To generate novel coding suggestions, or process a response to a prompt — for example, a request to write a keylogger — Copilot engages help from cloud-based large language models (LLM) like Claude, Google Gemini, or OpenAI models, via those models' application programming interfaces (APIs).

The second scheme Apex researchers came up with allowed them to plant themselves in the middle of this engagement. First they modified Copilot's configuration, adjusting its "github.copilot.advanced.debug.overrideProxyUrl" setting to redirect traffic through their own proxy server. Then, when they asked Copilot to generate code suggestions, their server intercepted the requests it generated, capturing the token Copilot uses to authenticate with OpenAI. With the necessary credential in hand, they were able to access OpenAI's models without any limits or restrictions, and without having to pay for the privilege.

And this token isn't the only juicy item they found in transit. "When Copilot \[engages with\] the server, it sends its system prompt, along with your prompt, and also the history of prompts and responses it sent before," Shpigelman explains. Putting aside the privacy risk that comes with exposing a long history of prompts, this data contains ample opportunity to abuse how Copilot was designed to work.

A "system prompt" is a set of instructions that defines the character of an AI — its constraints, what kinds of responses it should generate, etc. Copilot's system prompt, for example, is designed to block various ways it might otherwise be used maliciously. But by intercepting it en route to an LLM API, Shpigelman claims, "I can change the system prompt, so I won't have to try so hard later to manipulate it. I can just \[modify\] the system prompt to give me harmful content, or even talk about something that is not related to code."

For Tomer Avni, co-founder and CPO of Apex, the lesson in both of these Copilot weaknesses "is not that GitHub isn't trying to provide guardrails. But there is something about the nature of an LLM, that it can always be manipulated no matter how many guardrails you're implementing. And that's why we believe there needs to be an independent security layer on top of it that looks for these vulnerabilities."

**About the Author**

Nate Nelson is a writer based in New York City. He formerly worked as a reporter at Threatpost, and wrote "Malicious Life," an award-winning Top 20 tech podcast on Apple and Spotify. Outside of Dark Reading, he also co-hosts "The Industrial Security Podcast."

New Jailbreaks Allow Users to Manipulate GitHub Copilot

The rate of evolution has been glacial, but tools now understand cloud environments and can target Web applications.

Alex Haynes, Chief Information Security Officer, IBS Software

January 30, 2025

4 Min Read

Source: Rancz Andrei via Alamy Stock Photo

COMMENTARY

When automated pen-testing tools appeared a few years ago they prompted an interesting question: How close are they to replacing human pen testers? While the short answer was "not that close — yet," they definitely had potential and were worth keeping an eye on.

As I've just had the chance to review the latest iteration of these tools, it's interesting to see how they've evolved and how close are they now are to replacing the human pen tester for offensive security work.

When I test an automated pen tester, I compare it with a human one, in terms of speed, capability, and capacity, as well as output (i.e., the resulting report). The big problems earlier automated pen testers suffered from included:

*   Difficulty exploiting or seeing certain things that are obvious to human pen testers, including taking advantage of vulnerabilities that have publicly released exploits
    
*   Did not understand Web applications, at all 
    
*   Could only be used from "inside" the network; they couldn't pen test from the outside (mainly due to the aforementioned ignorance of Web applications)
    

**How Have Automated Pen Testers Changed Since Then?**

New pen testers finally understand Web applications — hooray! They can attack them both from inside and outside the perimeter. This is a welcome development, but they still have teething issues. Due to a very mature market in Web application scanners they would need to be able to both detect vulnerabilities with a low false positive ratio and be able to exploit them to pivot to other assets.

Unfortunately, they don't do this well enough to be distinctive in their own right — they'll find vulnerabilities that are obvious enough, but on a vulnerable box weren't able to detect even blatant SQLi or validate potential XSS vulnerabilities to weed out false positives. There are flashes of brilliance, however. An internal Web endpoint had a file upload vulnerability that was previously undetected by any other tool (this wasn't even found by human pen testers), but overall, it's underwhelming. Today's offerings in Web application scanners will do much better than this.

The second big improvement is cloud environments. As most pen testers will tell you, navigating an on-premises Active Directory-based environment is markedly different from pivoting in a native Amazon Web Services (AWS) environment, as the assets and the exploits you will use are completely different. Privilege escalation now relies on leveraging poorly configured cloud assets to abuse an identity and access management (IAM) role or grab some AWS keys to go further. Naturally, you'll also find the traditional vulnerabilities that include unpatched machines and misconfigured ports and services. Here, again, automated pen-testing tools have evolved, and can navigate and understand these environments. This puts them on par with CNAPP-type offerings, since they aren't bound by the traditional VM- or IP-bound asset.

As the cloud is a relatively new sphere for these tools, they can struggle. Unless they are given an assumed role, they won't find much at all. What's worse, they will flag the fact that they've assumed an IAM role a vulnerability itself — this would be like giving pen testers local admin abilities so they can begin a pen test and them pointing out your security is bad because you've just given them local admin.

Automated pen testers also struggle to enumerate their own network when they are given access — machines that are obviously on the same virtual private cloud (VPC) or virtual LAN (VLAN) will be ignored or scanned haphazardly. This is better than some automated pen testing tools that still don't even work in cloud environments unless they can reach an Active Directory machine. 

**Automated Pen Testers' Advantages**

All of the other advantages you'd expect from these tools remain, however. They can run through an iteration of a pen test quickly — in a matter of hours if you wish (this is configurable). The reports they produce are top-notch and comparable to any report a human pen tester would produce. If you were to hand this to a qualified security assessor (QSA), they would have a hard time distinguishing the difference.

Naturally, due to their automated nature, you can propagate these on huge environments and repeat them on a daily basis if you wish. This is where automated pen testers leave humans in the dust — no company can repeat daily pen tests on large environments, even with significant budgets, nor would the human team be able to complete it in this time and write up a report with verifiable actions to make it meaningful enough. (Keep one thing in mind: These tools aren't cheap.)

Overall, it's good to see these tools evolve. The rate of change is glacial, but they now understand cloud environments and can target Web applications, though they are still temperamental, costly, and miss a few things. One could argue humans are the same. For now, however, humans maintain the advantage — but they aren't mutually exclusive. Just like crowdsourced security and traditional pen testing, automated pen testing is now another tool that can be layered onto your offensive security testing, where it can help you find the exploits that matter to your organization.

**About the Author**

Chief Information Security Officer, IBS Software

Alex Haynes is a former pen tester with a background in offensive security and is credited for discovering vulnerabilities in products by Microsoft, Adobe, Pinterest, Amazon Web Services and IBM. He is a former top 10 ranked researcher on Bugcrowd and a member of the Synack Red Team. He is currently CISO at IBS Software. Alex has contributed to United States Cyber Security Magazine, Cyber Defense Magazine, Infosecurity Magazine, and IAPP tech blog. He also has spoken at security conferences including OWASP and ISC Security Summits.

Automated Pen Testing Is Improving — Slowly

The addition of Solvo CSPM to CYE Hyver aims to address the need for multicloud vulnerability monitoring and risk assessment.

Source: Nicolas Menijes Crego via Alamy Stock Photo

NEWS BRIEF

CYE has acquired Solvo as part of its goal to expand the capabilities of its continuous exposure management platform. Terms of the acquisition were not disclosed.

The deal, announced on Wednesday, brings together two Israeli-based cybersecurity companies. CYE will combine Solvo's Cloud Security Posture Management (CSPM) and Cloud Infrastructure Entitlement Management (CIEM) offerings with its own Hyver platform. According to CYE founder and CEO Reuven Aronashvili, CYE will integrate Solvo's CSPM capabilities next quarter to boost its customers' ability to continuously assess and mitigate cyber-risks in multicloud and hybrid infrastructure environments.

Hyver, which provides visual views of an organization's security posture, is designed to prioritize risks, compare the cost of a breach with the cost of remediation, provide risk mitigation planning, measure cybersecurity maturity, and create remediation plans. It also integrates with various security tools and platforms, enabling the sharing of threat detection telemetry. Solvo CSPM provides continuous monitoring of cloud environments while also prioritizing risks, discovering misconfigurations and compliance risks, and visualizing cloud assets and network and identity and access management (IAM) configurations to determine risks.

The need to bring Solvo's CSPM capability to Hyver became apparent as customers were accelerating the migration of their systems and applications to the cloud, Aronashvili says.

"We needed some kind of native access to the cloud environment in order to address access level, encryption level, MFA connectivity, and so on," Aronashvili says. "All those elements that are covered today with different cloud providers and platforms out there are missing in a lot of the coverage today."

Solvo offers native integration with Amazon Web Services, Microsoft Azure, and Google Cloud, which Aronashvili said has become a critical requirement for CYE's Hyber.

"The multicloud aspect was very important to us," he says. "Now we're able to provide an organization with a very comprehensive and complete risk evaluation process that considers all the different aspects of cybersecurity."

Aronashvili founded CYE in 2012 after working as a cybersecurity specialist while serving in the Israel Defense Forces. CYE started out as a professional services company, but in 2021 it rolled out Hyver after receiving $100 million in funding from EQT, with participation from its initial investor, 83 North. In 2023, CYE acquired Baseline's vulnerability analysis platform from Cyberillium, which added automated attack route creation and prioritization to the Hyver platform.

**About the Author**

Contributing Writer

Jeffrey Schwartz is a journalist who has covered information security and all forms of business and enterprise IT, including client computing, data center and cloud infrastructure, and application development for more than 30 years. Jeff is a regular contributor to Channel Futures. Previously, he was editor-in-chief of Redmond magazine and contributed to its sister titles Redmond Channel Partner, Application Development Trends, and Virtualization Review. Earlier, he held editorial roles with CommunicationsWeek, InternetWeek, and VARBusiness. Jeff is based in the New York City suburb of Long Island.

Exposure Management Provider CYE Acquires Solvo

Amateurish financial scams are common across Africa, and Namibia's influential former first lady, Monica Geingos, has emerged as a particularly effective host body for these messages.

Source: Sipa USA via Alamy Stock Photo

Scammers are using the likeness of Namibia's former first lady to trick people into falling for investment scams.

For some time now, Monica Geingos — first lady of Namibia from 2015 until her husband's passing early last year — has been warning Namibians about criminals using her likeness to perpetrate cheap financial scams. In a video posted online last week, Geingos reported an "uptick" in accounts impersonating her across social media platforms, with some using manipulated videos. Dark Reading has reached out to representatives of Mrs. Geingos for more information.

**Namibian Impersonation Scams**

Across Africa, as much as anywhere else on the globe, impersonation of political leaders, celebrities, and other generally influential figures feature prominently in investment scams.

Rachael Shitanda, vice chair of East Africa at the Africa Information & Communication Technologies Alliance (AfICTA), recalls a wealth of similar incidents affecting her home country of Kenya. "There were cases where fraudsters created fake social media accounts for Transport Cabinet Secretary Kipchumba Murkomen, promising job opportunities in exchange for 'processing fees.' These types of scams often target vulnerable job seekers. In another instance, fraudsters impersonated Deputy President Rigathi Gachagua in a fake investment scheme. They used doctored videos and photos to make the scam more convincing, leading several Kenyans to fall victim."

Geingos' combination of regional influence, having been voted one of Namibia's 12 most influential people in 2012 and one of Africa's 100 most influential women in 2020, and financial experience — she is a former employee of Namibia's Stock Exchange (NSX) and chairman of the board of eBank Namibia — make her a particularly effective vessel for these kinds of impersonation scams.

Source: Monica Geingos, The 3rd First Lady of Namibia on Facebook

Typically, scammers have impersonated Geingos on social media to promote fake foreign exchange (forex) trading platforms, or other forms of get-rich-quick schemes. Recently, Gengos said in her video, "Somebody received a video call, purportedly of me, convincing them to invest in some kind of weird forex \[foreign exchange\] schemes." These sorts of videos appear to be using real footage, dubbed over with fake audio intended to sound like a recording of her voice.

**Combating Online Scams in Africa**

These tricks seem to be working, as evidenced by the rising attacks against Geingos. "Something that has surprised \[my team\] of late is how ubiquitous it's become across social media platforms," she has said. And in one case, Geingos told the BBC, a woman who fell victim to one of these scams was swindled out of her retirement savings.

To Shitanda, there are a few main reasons why cyber scams might be particularly effective in Africa. First, law enforcement bodies have limited resources to fight rapidly evolving cyber threats. Plus, the criminals themselves operate across national borders, making them harder to track down and apprehend.

That said, Namibia's government has made some efforts to push back. Its state-owned Bank of Namibia founded a cybersecurity council aimed at combating online fraud in 2022, and a national cybercrime bill is currently undergoing a redrafting by the country's Ministry of Information and Communication Technology (MICT). Meanwhile, last summer, the International Criminal Police Organization (INTERPOL) concluded a major operation called First Light that, among targets in 60 other countries, busted up a scam ring in Namibia's capital city, Windhoek. Authorities seized hundreds of computers and mobile phones, and freed 88 children "who were forced into conducting scams."

Law enforcement aside, though, scammers are aided by more intractable core issues with how people engage with the Web. Digital literacy is lagging in some parts of the continent, Shitanda explains, and citizens of her country have a culture of trust in what they see: "People often believe messages from public figures without questioning their authenticity."

**About the Author**

Nate Nelson is a writer based in New York City. He formerly worked as a reporter at Threatpost, and wrote "Malicious Life," an award-winning Top 20 tech podcast on Apple and Spotify. Outside of Dark Reading, he also co-hosts "The Industrial Security Podcast."

Fake Videos of Former First Lady Scam Namibians

While Microsoft has boosted the security of Windows Print Spooler in the three years since the disclosure of the PrintNightmare vulnerability, the service remains a spooky threat that organizations cannot afford to ignore.

The 2021 PrintNightmare vulnerability exposed multiple deep-rooted security flaws in Microsoft's Print Spooler service, a core Windows component. The flaws, which had persisted in the Print Spooler for years, forced Microsoft to change the default behavior of the service and organizations to change how they enabled printing services for users. While Microsoft's changes have overall improved Print Spooler's security, researchers caution that the service remains a prime target for attackers. The potential weaknesses resulting from Microsoft's efforts to maintain backward compatibility with legacy code leaves Print Spooler vulnerable.

**A Critical Security Weakness**

PrintNightmare gave attackers a way to gain system-level privileges on affected systems, which included everything from domain controllers and Active Directory systems to lower-end servers and client systems. The flaw (CVE-2021-34527) stemmed from the Windows Print Spooler service improperly handling printer driver installations, allowing attackers to run arbitrary code, download malware, create new user accounts, or view, change, and delete data on affected systems.

The vulnerability arose from the service's failure to properly validate permissions for installing printer drivers, combined with its capability to accept remote connections via the Remote Procedure Call (RPC) protocol. This allowed attackers to remotely install malicious drivers and execute arbitrary code with elevated privileges, even from minimally privileged accounts. Researchers estimated that over 90% of Print Spooler environments at the time were impacted by PrintNightmare. The sheer scope of the threat prompted urgent calls from Microsoft, the US Cybersecurity and Infrastructure Security Agency (CISA), and others to apply immediate remediation measures.

"In the years following PrintNightmare, there have been exploits that have taken advantage of the remote aspect of the Print Spooler service," says Ben McCarthy, lead cyber security engineer at Immersive Labs.

There are a number of reasons why this is the case, he says, including the fact that the service is remotely accessible and allows for lateral movement.

"Furthermore, when large vulnerabilities are released, like PrintNightmare, it tips off hackers around the world that there may be more vulnerabilities in that component of Windows," McCarthy says. He also points to a report by researchers from China that described the internals of how Print Spooler worked as likely contributing to the discovery of multiple vulnerabilities in the service following the disclosure of PrintNightmare.

**Unprecedented Attention on Print Spooler Weaknesses**

The PrintNightmare vulnerability focused near unprecedented attention on the security of Microsoft's notoriously buggy Print Spooler service.

In the weeks and months following the disclosures, security researchers — many of them from Microsoft itself — uncovered as many as 11 Print Spooler vulnerabilities in 2021 alone. The first of these post-PrintNightmare Print Spooler vulnerabilities was CVE-2021-34481, a remote code execution vulnerability that Microsoft patched on July 15, 2021. The bug was publicly disclosed before Microsoft had a fix for it, but it did not end up getting exploited.

Like PrintNightmare, CVE-2021-34481 stemmed from the Windows Print Spooler service improperly handling printer driver installations, allowing attackers to load malicious drivers with system-level privileges. The flaw — and PrintNightmare before it — prompted Microsoft to change the default behavior of Point and Print, a Windows feature that lets users connect to network printers and automatically download and install the required printer drivers. Microsoft changed the default behavior to ensure that only users with administrative privileges could install new printers or update existing printer drivers.

The other Print Spooler related flaws discovered in 2021 were CVE-2021-34483, CVE-2021-36936, CVE-2021-36947, CVE-2021-36958, CVE-2021-36970, CVE-2021-38667, CVE-2021-38671, CVE-2021-40447, CVE-2021-1675, and CVE-2021-41332.

In total, Microsoft has disclosed some 53 Print Spooler related vulnerabilities since PrintNightmare was disclosed in 2021, says Satnam Narang, senior staff research engineer at Tenable. In addition to the 11 in 2021, Microsoft disclosed 35 in 2022, four in 2023, and three more in 2024. The three disclosed in 2024 were CVE-2024-21433, CVE-2024-38198, and CVE-2024-43529.

"Per the CISA Known Exploited Vulnerabilities \[KEV\] catalog, there were four Print Spooler vulnerabilities exploited in the wild," Narang says. All were from 2022:  CVE-2022-38028, CVE-2022-41073, CVE-2022-22718, and CVE-2022-21999.

Nearly half (45%) of these were disclosed by internal teams at Microsoft.

"It’s likely that this proactive, offensive approach led to the mitigation of many of the pathways to exploitation because we saw a steep decline in the number of reported Print Spooler vulnerabilities since \[2022\]," Narang says, pointing to the fact that Microsoft reported only seven Print Spooler vulnerabilities in total across 2023 and 2024.

Significantly, Microsoft has not disclosed a single remote code execution bug — usually the most severe — in its Print Spooler service since 2021, he adds. Instead, they have all have been an elevation of privilege bugs — which attackers typically leverage only after they have already gained initial access to a system — or information disclosure flaws. It's a positive development that likely is a result of all the research that has gone into finding vulnerabilities in the software since PrintNightmare, Narang says.

"From an outside-looking-in perspective, it appears that PrintNightmare was the catalyst for shoring up security within the Windows Print Spooler, making it increasingly difficult for attackers to exploit," Narang says.

**A Persistent Threat**

Even so, it's a mistake to take Print Spooler security for granted. The service remains a big target for attackers due to its complexity and integral role in the Windows operating system, says Mike Walters, president and co-founder of Action1. The service's legacy codebase and the need for backward compatibility also continue to present ongoing challenges, he notes.

The fact that the service is remotely accessible by any user is another reason Print Spooler remains a target of interest for attackers, adds Ben McCarthy, lead cyber security engineer at Immersive Labs. Flaws in the service give attackers an opportunity for lateral movement and privilege escalation, he says.  

"The Print Spooler service handles print jobs and communicates with printers, often using RPC for interprocess and network interactions, which introduces a broad attack surface," McCarthy says. "Vulnerabilities often arise from unchecked inputs, weak \[access control lists\], and improper handling of permissions, allowing attackers to exploit these mechanisms to execute arbitrary code or gain system-level privileges."

One notable example of the sustained and ongoing attacker interest in Print Spooler vulnerabilities is Russia-based APT28's use of CVE-2022-38028 in a privilege escalation and credential stealing campaign that targeted North American, European, and Ukrainian government organizations last April. Another indication of the broad researcher interest in the service is the fact that it was the US National Security Agency (NSA) that reported at least three Print Spooler vulnerabilities to Microsoft since PrintNightmare: CVE-2022-29104, CVE-2023-21678, and CVE-2022-38028.

For the most part, most attacks on Print Spooler bugs since PrintNightmare have simply been variations of existing and previously known attack vectors, according to Walters. Many of the vulnerabilities discovered in 2021, 2022, 2023, and 2024 are privilege escalation or remote code execution flaws that exploit similar vulnerabilities \[as\] PrintNightmare, such as improper input validation, inadequate permission checking, and the ability to load malicious drivers, Walters points out.

However, Microsoft's desire to maintain backward compatibility with legacy code has left the company addressing Print Spooler vulnerabilities at the protocol and function handler side. So expect to see researchers continuing to pound away at PrintNightmare-like bugs in Print Spooler, Walters says.

**Microsoft's Changes to Point and Print**

Besides issuing patches and offering mitigation advice for specific Print Spooler vulnerabilities, Microsoft has taken other steps to mitigate Print Spooler risks since PrintNightmare. One of the most significant is the change the company made to the default behavior of the Point and Print function associated with Print Spooler. The feature, designed to simplify the installation of printers for end users, originally allowed a user to connect to network printers and automatically download and install the required printer drivers without needing administrative privileges. Following PrintNightmare and CVE-2021-34481, Microsoft changed the feature's default behavior to ensure only users with administrative rights could do printer driver installation and updates.

At the time, Microsoft acknowledged the change could disrupt existing practices at organizations. "However, we strongly believe that the security risk justifies this change," it noted.

"Microsoft introduced the 'RestrictDriverInstallationToAdministrators' registry key and the corresponding Group Policy setting. When enabled, it enforces that only administrators can install printer drivers through Point and Print," Walters notes. Microsoft also disabled inbound remote printing by default on certain systems and strengthened the requirement for printer drivers to be digitally signed by a trusted certificate authority and some others, he notes.

In addition, new Group Policy settings that Microsoft introduced after PrintNightmare allow administrators to enforce strict controls over the print spooler service, including limiting which servers can deliver print jobs or drivers, Walters says.

"Disabling certain features by default, such as inbound remote printing, helps minimize the attack surface for systems that do not need such functionality," he notes.

PrintNightmare presented a challenge for Microsoft because fixing it required architectural changes that impacted many organizations around the world. 

"The biggest change that affected many sysadmins was the change to the way users can connect to remote printers," McCarthy says. "This necessary change means that any further exploits found in this particular part of the Print Spooler service will require the attacker to be the administrator first."

**Mitigation Measures**

Print Spooler is part of Windows OS and is enabled by default on many systems, including ones where it is generally not required, such as domain controllers. It typically runs as a privileged service, meaning it has system-level privileges, making it a high value target for attackers. Organizations can disable Print Spooler if they don't require any printing services — a somewhat rare situation in a business setting

A few mitigation measures are available for organizations struggling to completely disable Print Spooler services due to business requirements. Walters lists the following as the most effective among them:

*   Regularly install patches and updates released by Microsoft.
    
*   Configure Group Policy settings to allow only administrators to install printer drivers.
    
*   Disable incoming remote printing through Group Policy when not needed.
    
*   Use allow lists to specify approved printers and print servers.
    
*   Use security tools to monitor for suspicious activity related to the print spooler service.
    
*   Isolate print servers from critical systems to prevent lateral movement in the event of a compromise.
    
*   Deploy endpoint controls to prevent unauthorized code execution.
    

He also recommends that security administration restrict network access, segment networks with print servers, and enable secure RPC over SMB for the print spooler. In addition, consider disabling legacy protocols and features such as SMBv1 and enforce strong authentication mechanisms, Walters notes.

"It's clear that disabling Print Spooler services is not feasible in its entirety," Tenable's Narang says. "But ensuring that security updates are being applied, which often include changes like the ones noted in the July 2021 out-of-band release for PrintNightmare, is the best way to safeguard against these attacks."

Source

DARKReading