Analyzing Forest Blizzard’s custom post-compromise tool for exploiting CVE-2022-38028 to obtain credentials | allinfosecnews.com

April 22, 2024, 4 p.m. | Microsoft Threat Intelligence

Microsoft Security Blog www.microsoft.com

Since 2019, Forest Blizzard has used a custom post-compromise tool to exploit a vulnerability in the Windows Print Spooler service that allows elevated permissions. Microsoft has issued a security update addressing this vulnerability as CVE-2022-38028.

The post Analyzing Forest Blizzard’s custom post-compromise tool for exploiting CVE-2022-38028 to obtain credentials appeared first on Microsoft Security Blog.

blizzard compromise credentials cve elevation of privilege exploit exploiting forest forest blizzard forest blizzard (strontium) government microsoft non-governmental organizations (ngos) permissions print print spooler security security update service tool update vulnerability windows windows print spooler

More from www.microsoft.com / Microsoft Security Blog

Microsoft introduces passkeys for consumer accounts 1 day, 8 hours ago | www.microsoft.com

accounts blog consumer microsoft +7

Microsoft named overall leader in KuppingerCole Leadership Compass for ITDR 1 day, 23 hours ago | www.microsoft.com

and response capabilities compass detection +22

Analyzing Forest Blizzard’s custom post-compromise tool for exploiting CVE-2022-38028 to obtain credentials 1 week, 4 days ago | www.microsoft.com

blizzard compromise credentials cve +20

Attackers exploiting new critical OpenMetadata vulnerabilities on Kubernetes clusters 2 weeks, 2 days ago | www.microsoft.com

access attack attackers blog +17

How Microsoft discovers and mitigates evolving attacks against AI guardrails 3 weeks, 1 day ago | www.microsoft.com

address attacks blog guardrails +8

Explore Microsoft’s AI innovations at RSA Conference 2024 4 weeks, 1 day ago | www.microsoft.com

ai innovations blog conference event +12

Get end-to-end protection with Microsoft’s unified security operations platform, now in public preview 1 month ago | www.microsoft.com

can center comprehensive approach cybersecurity +14

Frost & Sullivan names Microsoft a Leader in the Frost Radar™: Managed Detection and Response, … 1 month, 1 week ago | www.microsoft.com

amp and response center defender +25

Microsoft Copilot for Security: General Availability details 1 month, 2 weeks ago | www.microsoft.com

amplify april availability copilot +13

Financial Crimes Compliance - Senior - Consulting - Location Open

@ EY | New York City, US, 10001-8604

View on infosec-jobs.com

Software Engineer - Cloud Security

@ Neo4j | Malmö

View on infosec-jobs.com

Security Consultant

@ LRQA | Singapore, Singapore, SG, 119963

View on infosec-jobs.com

Identity Governance Consultant

@ Allianz | Sydney, NSW, AU, 2000

View on infosec-jobs.com

Educator, Cybersecurity

@ Brain Station | Toronto

View on infosec-jobs.com

Principal Security Engineer

@ Hippocratic AI | Palo Alto

View on infosec-jobs.com