APT28 Deploys ‘GooseEgg’ in Attacks Exploiting the Windows Print Spooler Vulnerability, CVE-2022-38028 | allinfosecnews.com

April 24, 2024, 1:20 p.m. | MalBot

Malware Analysis, News and Indicators - Latest topics malware.news

APT28 Deploys ‘GooseEgg’ in Attacks Exploiting the Windows Print Spooler Vulnerability, CVE-2022-38028

Microsoft recently shed light on a campaign orchestrated by the Russian-based threat actor Forest Blizzard, employing a custom tool named ‘GooseEgg’ to escalate privileges and pilfer credentials from networks.

Of significant concern, the threat actors exploit the CVE-2022-38028 vulnerability present in the Windows Print Spooler service. CISA, acknowledging its exploitation, promptly added the vulnerability to its Known Exploited Vulnerabilities (KEV) Catalog on April 23, 2024.

In an alert …

actor apt28 attacks blizzard campaign credentials cve exploit exploiting forest forest blizzard gooseegg microsoft networks print print spooler privileges russian shed threat threat actor threat actors tool vulnerability windows windows print spooler

More from malware.news / Malware Analysis, News and Indicators - Latest topics

Wireshark 4.2.5 Released, (Sat, May 18th) 5 hours ago | malware.news

article bugs center cve +13

The who, where, and how of APT attacks – Week in security with Tony Anscombe 16 hours ago | malware.news

apt article attacks campaigns +11

Leveling the cybersecurity playing field 21 hours ago | malware.news

article blumira cybersecurity entry +4

Hardware cybersecurity leader, Flexxon, introduces Server Defender 21 hours ago | malware.news

advanced article cybersecurity defender +8

Automated pentesting in the cloud 21 hours ago | malware.news

article automated challenge cloud +10

How to revamp your cybersecurity in the middle of the chaos 21 hours ago | malware.news

article attackers chaos cybersecurity +8

6K-plus AI models may be affected by critical RCE vulnerability 22 hours ago | malware.news

ai models article attacks critical +14

Zscaler annual phishing report finds a near 60% increase in phishing attacks in 2023 23 hours ago | malware.news

article attacks link media +6

Microsoft, North Korea, Santander, CISA, Deepfakes, Aaran Leyland & More - SWN #387 1 day, 1 hour ago | malware.news

amp article cisa deepfakes +8

Information Security Engineers

@ D. E. Shaw Research | New York City

View on infosec-jobs.com

Technology Security Analyst

@ Halton Region | Oakville, Ontario, Canada

View on infosec-jobs.com

Senior Cyber Security Analyst

@ Valley Water | San Jose, CA

View on infosec-jobs.com

Security Operations Manager-West Coast

@ The Walt Disney Company | USA - CA - 2500 Broadway Street

View on infosec-jobs.com

Vulnerability Analyst - Remote (WFH)

@ Cognitive Medical Systems | Phoenix, AZ, US | Oak Ridge, TN, US | Austin, TX, US | Oregon, US | Austin, TX, US

View on infosec-jobs.com

Senior Mainframe Security Administrator

@ Danske Bank | Copenhagen V, Denmark

View on infosec-jobs.com