Novel tool leveraged by APT28 to exploit old Windows vulnerability | allinfosecnews.com

April 23, 2024, 1:11 p.m. | SC Staff

SC Magazine feed for Risk Management www.scmagazine.com

Data exfiltration and privilege escalation attacks leveraging the novel GooseEgg hacking tool to exploit an already addressed Windows Print Spooler flaw, tracked as CVE-2022-38028, have been deployed by Russian cyberespionage operation APT28, also known as Forest Blizzard, against government, education, transportation, and non-government organizations since April 2019, BleepingComputer reports.

april apt28 attacks bleepingcomputer blizzard critical-infrastructure-security cve cyberespionage data data exfiltration data security education escalation exfiltration exploit flaw forest forest blizzard gooseegg government hacking hacking tool network security non novel old organizations print print spooler privilege privilege escalation reports russian tool transportation vulnerability windows windows print spooler windows vulnerability

More from www.scmagazine.com / SC Magazine feed for Risk Management

Leveling the cybersecurity playing field 1 day, 3 hours ago | www.scmagazine.com

blumira cybersecurity cybersecurity insurance entry +4

2 D-Link router bugs added to CISA’s exploited vulnerabilities catalog 1 day, 7 hours ago | www.scmagazine.com

bugs catalog cisa d-link +16

Microsoft, North Korea, Santander, CISA, Deepfakes, Aaran Leyland & More - SWN #387 1 day, 10 hours ago | www.scmagazine.com

aiml cisa deepfakes korea +4

Australians’ prescription records breached in large-scale ransomware attack 1 day, 10 hours ago | www.scmagazine.com

attack breached data federal +15

Financial companies must have data breach incident plans, SEC says 1 day, 12 hours ago | www.scmagazine.com

agents breach breach incident broker +27

Cybersecurity summit at Google tackles election threats 1 day, 12 hours ago | www.scmagazine.com

address advanced advanced technologies campus +15

Researchers: 'Adversarial attacks' capable of producing harmful AI responses 1 day, 12 hours ago | www.scmagazine.com

adversarial adversarial attacks ai-benefitsrisks aiml +21

Downgrade attacks enabled by newly discovered Wi-Fi flaw 1 day, 12 hours ago | www.scmagazine.com

attacks design endpointdevice-security flaw +14

Report: Cat-phishing of legitimate websites on the rise 1 day, 13 hours ago | www.scmagazine.com

bypass cat cat-phishing cybercriminals +18

Information Security Engineers

@ D. E. Shaw Research | New York City

View on infosec-jobs.com

Technology Security Analyst

@ Halton Region | Oakville, Ontario, Canada

View on infosec-jobs.com

Senior Cyber Security Analyst

@ Valley Water | San Jose, CA

View on infosec-jobs.com

Consultant Sécurité SI Gouvernance - Risques - Conformité H/F - Strasbourg

@ Hifield | Strasbourg, France

View on infosec-jobs.com

Lead Security Specialist

@ KBR, Inc. | USA, Dallas, 8121 Lemmon Ave, Suite 550, Texas

View on infosec-jobs.com

Consultant SOC / CERT H/F

@ Hifield | Sèvres, France

View on infosec-jobs.com