all InfoSec news
Novel tool leveraged by APT28 to exploit old Windows vulnerability
SC Magazine feed for Risk Management www.scmagazine.com
Data exfiltration and privilege escalation attacks leveraging the novel GooseEgg hacking tool to exploit an already addressed Windows Print Spooler flaw, tracked as CVE-2022-38028, have been deployed by Russian cyberespionage operation APT28, also known as Forest Blizzard, against government, education, transportation, and non-government organizations since April 2019, BleepingComputer reports.
april apt28 attacks bleepingcomputer blizzard critical-infrastructure-security cve cyberespionage data data exfiltration data security education escalation exfiltration exploit flaw forest forest blizzard gooseegg government hacking hacking tool network security non novel old organizations print print spooler privilege privilege escalation reports russian tool transportation vulnerability windows windows print spooler windows vulnerability