all InfoSec news
APT28 Deploys ‘GooseEgg’ in Attacks Exploiting the Windows Print Spooler Vulnerability, CVE-2022-38028
Malware Analysis, News and Indicators - Latest topics malware.news
Microsoft recently shed light on a campaign orchestrated by the Russian-based threat actor Forest Blizzard, employing a custom tool named ‘GooseEgg’ to escalate privileges and pilfer credentials from networks.
Of significant concern, the threat actors exploit the CVE-2022-38028 vulnerability present in the Windows Print Spooler service. CISA, acknowledging its exploitation, promptly added the vulnerability to its Known Exploited Vulnerabilities (KEV) Catalog on April 23, 2024.
In an alert …
actor apt28 attacks blizzard campaign credentials cve exploit exploiting forest forest blizzard gooseegg microsoft networks print print spooler privileges russian shed threat threat actor threat actors tool vulnerability windows windows print spooler