all InfoSec news
Russian Hackers Exploiting Windows Print Spooler Using GooseEgg Tool
Cyber Security News cybersecuritynews.com
Hackers abuse Windows Print Spooler vulnerabilities because it runs with elevated SYSTEM privileges, allowing privilege escalation. Also, exploiting it enables remote code execution and credential theft. Microsoft exposed the Russian threat actor Forest Blizzard (aka APT28, Sednit, Sofacy, and Fancy Bear), who has been using a custom tool called GooseEgg to elevate privileges and steal […]
The post Russian Hackers Exploiting Windows Print Spooler Using GooseEgg Tool appeared first on Cyber Security News.
abuse actor apt28 bear blizzard called code code execution credential credential theft cyber security escalation exploiting exposed fancy bear forest forest blizzard gooseegg hackers hacking tools malware microsoft print print spooler privilege privilege escalation privileges remote code remote code execution russian russian hackers sofacy system system privileges theft threat threat actor tool vulnerabilities vulnerability windows windows print spooler