{"id":42292,"date":"2021-08-12T00:00:00","date_gmt":"2021-08-12T00:00:00","guid":{"rendered":"https:\/\/www.trendmicro.com\/en_us\/research\/21\/h\/detecting-printnightmare-exploit-attempts-with-trend-micro-vision-one-and-cloud-one.html"},"modified":"2021-08-12T00:00:00","modified_gmt":"2021-08-12T00:00:00","slug":"detecting-printnightmare-exploit-attempts-using-trend-micro-vision-one-and-cloud-one-threat-research-engineer","status":"publish","type":"post","link":"https:\/\/www.threatshub.org\/blog\/detecting-printnightmare-exploit-attempts-using-trend-micro-vision-one-and-cloud-one-threat-research-engineer\/","title":{"rendered":"Detecting PrintNightmare Exploit Attempts using Trend Micro Vision One and Cloud One Threat Research Engineer"},"content":{"rendered":"

<\/p>\n

<\/div>\n

PrintNightmare is one of the latest set of exploits abused for the Print Spooler vulnerabilities that have been identified as CVE-2021-1675<\/a>, CVE-2021-34527<\/a>, and CVE-2021-34481<\/a>. It is a code execution vulnerability (both remote and local) in the Print Spooler service that affects all Windows versions running the said service. A number of researchers have come up with multiple exploit variants based on different implementations (over TCP and Server Message Block or SMB). By using different function calls for Print System Asynchronous Remote Protocol (MS-PAR) misusing RpcAsyncAddPrinterDriver<\/a>, PrintNightmare can be exploited<\/a> on servers and workstations, while abusing Print System Remote Protocol (MS-RPRN) allows PrintNightmare to misuse<\/a> RpcAddPrinterDriverEx<\/a> for an impacket implementation.<\/p>\n

In this analysis, we look into the implementations of PrintNightmare and the visibility enabled by Trend Micro Vision One\u2122<\/a> and Trend Micro Cloud One\u2122<\/a> to mitigate the risks brought on by critical gaps found in systems such as the Print Spooler service. Using the indicators and attributes of exploitation attempts logged from network and endpoints, both platforms allow security teams and analysts a wider view of attack attempts for immediate and actionable response.<\/p>\n

The timeline of PrintNightmare is as follows:<\/p>\n

1.       June 8:<\/b> As part of the June security update<\/a>, the bug identified as an elevation of privilege (EOP) in the Print Spooler service was patched. The vulnerability was tagged as CVE-2021-1675<\/a>.<\/p>\n

2.       June 21:<\/b> The same bug was later classified as both a remote code execution (RCE) and an EOP vulnerability.<\/p>\n

3.       June 29:<\/b> Researchers with different RCE and EOP proofs of concept accidentally disclosed these publicly as a result of the assumption that their findings were exactly the same and that the bug had already been mitigated as part of the June security update. However, it had not been mitigated yet, and though the researchers deleted their proofs of concept, these had already been replicated and eventually cached by search engines.<\/p>\n

4.       July 1:<\/b> A new vulnerability, considered a zero-day flaw, was assigned as CVE-2021-34527<\/a>.<\/p>\n

5.       July 6:<\/b> Microsoft released<\/a> an out-of-band patch to mitigate CVE-2021-34527, but it only prevented a part of the RCE. Specifically, the patch only blocked DLLs from path implementations like \u201c\\\\server\\share\\\u201d.<\/p>\n

6.       July 7:<\/b> Researchers reported<\/a> the bypass, along with information that the universal naming convention (UNC) form of denoting paths, \u201c\\??\\UNC\\\u201d, rather than the use of \u201c\\\\\u201d, could evade the patch.<\/p>\n

7.       July 15:<\/b> Microsoft disclosed that a new EOP vulnerability in the Print Spooler service was found and assigned it as CVE-2021-34481<\/a>.  <\/p>\n

8.       August 10:<\/b> Microsoft updated CVE-2021-34481 and released the patches to prevent exploitation.<\/p>\n

Read More HERE<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"

We look into the different implementations of PrintNightmare and include recommendations on how security teams can safeguard their workloads. Read More HERE…<\/p>\n","protected":false},"author":2,"featured_media":42293,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"colormag_page_layout":"default_layout","footnotes":""},"categories":[61],"tags":[9510,9520,9511,9508,9555,9514,9523],"class_list":["post-42292","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-trendmicro","tag-trend-micro-research-articles-news-reports","tag-trend-micro-research-cloud","tag-trend-micro-research-cyber-threats","tag-trend-micro-research-endpoints","tag-trend-micro-research-exploitsvulnerabilities","tag-trend-micro-research-iot","tag-trend-micro-research-network"],"yoast_head":"\nDetecting PrintNightmare Exploit Attempts using Trend Micro Vision One and Cloud One Threat Research Engineer 2026 | ThreatsHub Cybersecurity News<\/title>\n<meta name=\"description\" content=\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.threatshub.org\/blog\/detecting-printnightmare-exploit-attempts-using-trend-micro-vision-one-and-cloud-one-threat-research-engineer\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Detecting PrintNightmare Exploit Attempts using Trend Micro Vision One and Cloud One Threat Research Engineer 2026 | ThreatsHub Cybersecurity News\" \/>\n<meta property=\"og:description\" content=\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.threatshub.org\/blog\/detecting-printnightmare-exploit-attempts-using-trend-micro-vision-one-and-cloud-one-threat-research-engineer\/\" \/>\n<meta property=\"og:site_name\" content=\"ThreatsHub Cybersecurity News\" \/>\n<meta property=\"article:published_time\" content=\"2021-08-12T00:00:00+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2021\/08\/detecting-printnightmare-exploit-attempts-using-trend-micro-vision-one-and-cloud-one-threat-research-engineer.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"641\" \/>\n\t<meta property=\"og:image:height\" content=\"350\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"TH Author\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@threatshub\" \/>\n<meta name=\"twitter:site\" content=\"@threatshub\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"TH Author\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"2 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/detecting-printnightmare-exploit-attempts-using-trend-micro-vision-one-and-cloud-one-threat-research-engineer\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/detecting-printnightmare-exploit-attempts-using-trend-micro-vision-one-and-cloud-one-threat-research-engineer\\\/\"},\"author\":{\"name\":\"TH Author\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/person\\\/12e0a8671ff89a863584f193e7062476\"},\"headline\":\"Detecting PrintNightmare Exploit Attempts using Trend Micro Vision One and Cloud One Threat Research Engineer\",\"datePublished\":\"2021-08-12T00:00:00+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/detecting-printnightmare-exploit-attempts-using-trend-micro-vision-one-and-cloud-one-threat-research-engineer\\\/\"},\"wordCount\":482,\"publisher\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/detecting-printnightmare-exploit-attempts-using-trend-micro-vision-one-and-cloud-one-threat-research-engineer\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2021\\\/08\\\/detecting-printnightmare-exploit-attempts-using-trend-micro-vision-one-and-cloud-one-threat-research-engineer.jpg\",\"keywords\":[\"Trend Micro Research : Articles, News, Reports\",\"Trend Micro Research : Cloud\",\"Trend Micro Research : Cyber Threats\",\"Trend Micro Research : Endpoints\",\"Trend Micro Research : Exploits&Vulnerabilities\",\"Trend Micro Research : IoT\",\"Trend Micro Research : Network\"],\"articleSection\":[\"TrendMicro\"],\"inLanguage\":\"en-US\"},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/detecting-printnightmare-exploit-attempts-using-trend-micro-vision-one-and-cloud-one-threat-research-engineer\\\/\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/detecting-printnightmare-exploit-attempts-using-trend-micro-vision-one-and-cloud-one-threat-research-engineer\\\/\",\"name\":\"Detecting PrintNightmare Exploit Attempts using Trend Micro Vision One and Cloud One Threat Research Engineer 2026 | ThreatsHub Cybersecurity News\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/detecting-printnightmare-exploit-attempts-using-trend-micro-vision-one-and-cloud-one-threat-research-engineer\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/detecting-printnightmare-exploit-attempts-using-trend-micro-vision-one-and-cloud-one-threat-research-engineer\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2021\\\/08\\\/detecting-printnightmare-exploit-attempts-using-trend-micro-vision-one-and-cloud-one-threat-research-engineer.jpg\",\"datePublished\":\"2021-08-12T00:00:00+00:00\",\"description\":\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/detecting-printnightmare-exploit-attempts-using-trend-micro-vision-one-and-cloud-one-threat-research-engineer\\\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/detecting-printnightmare-exploit-attempts-using-trend-micro-vision-one-and-cloud-one-threat-research-engineer\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/detecting-printnightmare-exploit-attempts-using-trend-micro-vision-one-and-cloud-one-threat-research-engineer\\\/#primaryimage\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2021\\\/08\\\/detecting-printnightmare-exploit-attempts-using-trend-micro-vision-one-and-cloud-one-threat-research-engineer.jpg\",\"contentUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2021\\\/08\\\/detecting-printnightmare-exploit-attempts-using-trend-micro-vision-one-and-cloud-one-threat-research-engineer.jpg\",\"width\":641,\"height\":350},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/detecting-printnightmare-exploit-attempts-using-trend-micro-vision-one-and-cloud-one-threat-research-engineer\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Trend Micro Research : Articles, News, Reports\",\"item\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/tag\\\/trend-micro-research-articles-news-reports\\\/\"},{\"@type\":\"ListItem\",\"position\":3,\"name\":\"Detecting PrintNightmare Exploit Attempts using Trend Micro Vision One and Cloud One Threat Research Engineer\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#website\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\",\"name\":\"ThreatsHub Cybersecurity News\",\"description\":\"%%focuskw%% Threat Intel \u2013 Threat Intel Services \u2013 CyberIntelligence \u2013 Cyber Threat Intelligence - Threat Intelligence Feeds - Threat Intelligence Reports - CyberSecurity Report \u2013 Cyber Security PDF \u2013 Cybersecurity Trends - Cloud Sandbox \u2013- Threat IntelligencePortal \u2013 Incident Response \u2013 Threat Hunting \u2013 IOC - Yara - Security Operations Center \u2013 SecurityOperation Center \u2013 Security SOC \u2013 SOC Services - Advanced Threat - Threat Detection - TargetedAttack \u2013 APT \u2013 Anti-APT \u2013 Advanced Protection \u2013 Cyber Security Services \u2013 Cybersecurity Services -Threat Intelligence Platform\",\"publisher\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\"},\"alternateName\":\"Threatshub.org\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\",\"name\":\"ThreatsHub.org\",\"alternateName\":\"Threatshub.org\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2025\\\/05\\\/Threatshub_Favicon1.jpg\",\"contentUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2025\\\/05\\\/Threatshub_Favicon1.jpg\",\"width\":432,\"height\":435,\"caption\":\"ThreatsHub.org\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\"},\"sameAs\":[\"https:\\\/\\\/x.com\\\/threatshub\"]},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/person\\\/12e0a8671ff89a863584f193e7062476\",\"name\":\"TH Author\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"url\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"contentUrl\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"caption\":\"TH Author\"}}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Detecting PrintNightmare Exploit Attempts using Trend Micro Vision One and Cloud One Threat Research Engineer 2026 | ThreatsHub Cybersecurity News","description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.threatshub.org\/blog\/detecting-printnightmare-exploit-attempts-using-trend-micro-vision-one-and-cloud-one-threat-research-engineer\/","og_locale":"en_US","og_type":"article","og_title":"Detecting PrintNightmare Exploit Attempts using Trend Micro Vision One and Cloud One Threat Research Engineer 2026 | ThreatsHub Cybersecurity News","og_description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","og_url":"https:\/\/www.threatshub.org\/blog\/detecting-printnightmare-exploit-attempts-using-trend-micro-vision-one-and-cloud-one-threat-research-engineer\/","og_site_name":"ThreatsHub Cybersecurity News","article_published_time":"2021-08-12T00:00:00+00:00","og_image":[{"width":641,"height":350,"url":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2021\/08\/detecting-printnightmare-exploit-attempts-using-trend-micro-vision-one-and-cloud-one-threat-research-engineer.jpg","type":"image\/jpeg"}],"author":"TH Author","twitter_card":"summary_large_image","twitter_creator":"@threatshub","twitter_site":"@threatshub","twitter_misc":{"Written by":"TH Author","Est. reading time":"2 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.threatshub.org\/blog\/detecting-printnightmare-exploit-attempts-using-trend-micro-vision-one-and-cloud-one-threat-research-engineer\/#article","isPartOf":{"@id":"https:\/\/www.threatshub.org\/blog\/detecting-printnightmare-exploit-attempts-using-trend-micro-vision-one-and-cloud-one-threat-research-engineer\/"},"author":{"name":"TH Author","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/12e0a8671ff89a863584f193e7062476"},"headline":"Detecting PrintNightmare Exploit Attempts using Trend Micro Vision One and Cloud One Threat Research Engineer","datePublished":"2021-08-12T00:00:00+00:00","mainEntityOfPage":{"@id":"https:\/\/www.threatshub.org\/blog\/detecting-printnightmare-exploit-attempts-using-trend-micro-vision-one-and-cloud-one-threat-research-engineer\/"},"wordCount":482,"publisher":{"@id":"https:\/\/www.threatshub.org\/blog\/#organization"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/detecting-printnightmare-exploit-attempts-using-trend-micro-vision-one-and-cloud-one-threat-research-engineer\/#primaryimage"},"thumbnailUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2021\/08\/detecting-printnightmare-exploit-attempts-using-trend-micro-vision-one-and-cloud-one-threat-research-engineer.jpg","keywords":["Trend Micro Research : Articles, News, Reports","Trend Micro Research : Cloud","Trend Micro Research : Cyber Threats","Trend Micro Research : Endpoints","Trend Micro Research : Exploits&Vulnerabilities","Trend Micro Research : IoT","Trend Micro Research : Network"],"articleSection":["TrendMicro"],"inLanguage":"en-US"},{"@type":"WebPage","@id":"https:\/\/www.threatshub.org\/blog\/detecting-printnightmare-exploit-attempts-using-trend-micro-vision-one-and-cloud-one-threat-research-engineer\/","url":"https:\/\/www.threatshub.org\/blog\/detecting-printnightmare-exploit-attempts-using-trend-micro-vision-one-and-cloud-one-threat-research-engineer\/","name":"Detecting PrintNightmare Exploit Attempts using Trend Micro Vision One and Cloud One Threat Research Engineer 2026 | ThreatsHub Cybersecurity News","isPartOf":{"@id":"https:\/\/www.threatshub.org\/blog\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.threatshub.org\/blog\/detecting-printnightmare-exploit-attempts-using-trend-micro-vision-one-and-cloud-one-threat-research-engineer\/#primaryimage"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/detecting-printnightmare-exploit-attempts-using-trend-micro-vision-one-and-cloud-one-threat-research-engineer\/#primaryimage"},"thumbnailUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2021\/08\/detecting-printnightmare-exploit-attempts-using-trend-micro-vision-one-and-cloud-one-threat-research-engineer.jpg","datePublished":"2021-08-12T00:00:00+00:00","description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","breadcrumb":{"@id":"https:\/\/www.threatshub.org\/blog\/detecting-printnightmare-exploit-attempts-using-trend-micro-vision-one-and-cloud-one-threat-research-engineer\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.threatshub.org\/blog\/detecting-printnightmare-exploit-attempts-using-trend-micro-vision-one-and-cloud-one-threat-research-engineer\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.threatshub.org\/blog\/detecting-printnightmare-exploit-attempts-using-trend-micro-vision-one-and-cloud-one-threat-research-engineer\/#primaryimage","url":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2021\/08\/detecting-printnightmare-exploit-attempts-using-trend-micro-vision-one-and-cloud-one-threat-research-engineer.jpg","contentUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2021\/08\/detecting-printnightmare-exploit-attempts-using-trend-micro-vision-one-and-cloud-one-threat-research-engineer.jpg","width":641,"height":350},{"@type":"BreadcrumbList","@id":"https:\/\/www.threatshub.org\/blog\/detecting-printnightmare-exploit-attempts-using-trend-micro-vision-one-and-cloud-one-threat-research-engineer\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.threatshub.org\/blog\/"},{"@type":"ListItem","position":2,"name":"Trend Micro Research : Articles, News, Reports","item":"https:\/\/www.threatshub.org\/blog\/tag\/trend-micro-research-articles-news-reports\/"},{"@type":"ListItem","position":3,"name":"Detecting PrintNightmare Exploit Attempts using Trend Micro Vision One and Cloud One Threat Research Engineer"}]},{"@type":"WebSite","@id":"https:\/\/www.threatshub.org\/blog\/#website","url":"https:\/\/www.threatshub.org\/blog\/","name":"ThreatsHub Cybersecurity News","description":"%%focuskw%% Threat Intel \u2013 Threat Intel Services \u2013 CyberIntelligence \u2013 Cyber Threat Intelligence - Threat Intelligence Feeds - Threat Intelligence Reports - CyberSecurity Report \u2013 Cyber Security PDF \u2013 Cybersecurity Trends - Cloud Sandbox \u2013- Threat IntelligencePortal \u2013 Incident Response \u2013 Threat Hunting \u2013 IOC - Yara - Security Operations Center \u2013 SecurityOperation Center \u2013 Security SOC \u2013 SOC Services - Advanced Threat - Threat Detection - TargetedAttack \u2013 APT \u2013 Anti-APT \u2013 Advanced Protection \u2013 Cyber Security Services \u2013 Cybersecurity Services -Threat Intelligence Platform","publisher":{"@id":"https:\/\/www.threatshub.org\/blog\/#organization"},"alternateName":"Threatshub.org","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.threatshub.org\/blog\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/www.threatshub.org\/blog\/#organization","name":"ThreatsHub.org","alternateName":"Threatshub.org","url":"https:\/\/www.threatshub.org\/blog\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/logo\/image\/","url":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2025\/05\/Threatshub_Favicon1.jpg","contentUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2025\/05\/Threatshub_Favicon1.jpg","width":432,"height":435,"caption":"ThreatsHub.org"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/x.com\/threatshub"]},{"@type":"Person","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/12e0a8671ff89a863584f193e7062476","name":"TH Author","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","caption":"TH Author"}}]}},"_links":{"self":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts\/42292","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/comments?post=42292"}],"version-history":[{"count":0,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts\/42292\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/media\/42293"}],"wp:attachment":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/media?parent=42292"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/categories?post=42292"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/tags?post=42292"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}