APT28 Deploys ‘GooseEgg’ in Attacks Exploiting the Windows Print Spooler Vulnerability, CVE-2022-38028 | allinfosecnews.com

April 24, 2024, 1:20 p.m. | MalBot

Malware Analysis, News and Indicators - Latest topics malware.news

APT28 Deploys ‘GooseEgg’ in Attacks Exploiting the Windows Print Spooler Vulnerability, CVE-2022-38028

Microsoft recently shed light on a campaign orchestrated by the Russian-based threat actor Forest Blizzard, employing a custom tool named ‘GooseEgg’ to escalate privileges and pilfer credentials from networks.

Of significant concern, the threat actors exploit the CVE-2022-38028 vulnerability present in the Windows Print Spooler service. CISA, acknowledging its exploitation, promptly added the vulnerability to its Known Exploited Vulnerabilities (KEV) Catalog on April 23, 2024.

In an alert …

actor apt28 attacks blizzard campaign credentials cve exploit exploiting forest forest blizzard gooseegg microsoft networks print print spooler privileges russian shed threat threat actor threat actors tool vulnerability windows windows print spooler

More from malware.news / Malware Analysis, News and Indicators - Latest topics

US sets sights on partnerships to counter cyberthreats, secure AI in new global cyber strategy 6 minutes ago | malware.news

article counter critical critical infrastructure +15

Tofsee (part 1): Static Analysis 10 minutes ago | malware.news

analysis bazaar blog conference +11

Exploits, Access, Extortion: Know Your Enemy in 2024 and Beyond 16 minutes ago | malware.news

access actor analysis arm +22

Nestle Brazil Leak, Rakuzan RAT, Access Sales for Japan & UAE Companies 16 minutes ago | malware.news

access amp brazil companies +17

Financial cyberthreats in 2023 16 minutes ago | malware.news

accounts assets attackers attacks +23

What is a Software Bill of Materials ( SBOM)? 56 minutes ago | malware.news

bill build code components +13

A week in security (April 29 – May 5) an hour ago | malware.news

april a week in security breach customer +31

Taylor Swift tickets – how not to be scammed 2 hours ago | malware.news

concert demand record sales +11

Become a Certified AI Master in Cybersecurity with SOCRadar Training 2 hours ago | malware.news

certified course cutting cybersecurity +12

Head of Security Operations

@ Canonical Ltd. | Home based - Americas, EMEA

View on infosec-jobs.com

Security Specialist

@ Lely | Maassluis, Netherlands

View on infosec-jobs.com

Senior Cyber Incident Response (Hybrid)

@ SmartDev | Cầu Giấy, Vietnam

View on infosec-jobs.com

Sr Security Engineer - Colombia

@ Nubank | Colombia, Bogota

View on infosec-jobs.com

Security Engineer, Investigations - i3

@ Meta | Menlo Park, CA | Washington, DC | Remote, US

View on infosec-jobs.com

Cyber Security Engineer

@ ASSYSTEM | Bridgwater, United Kingdom

View on infosec-jobs.com