Russian Hackers Exploiting Windows Print Spooler Using GooseEgg Tool | allinfosecnews.com

April 23, 2024, 9:04 a.m. | Tushar Subhra Dutta

Cyber Security News cybersecuritynews.com

Hackers abuse Windows Print Spooler vulnerabilities because it runs with elevated SYSTEM privileges, allowing privilege escalation. Also, exploiting it enables remote code execution and credential theft. Microsoft exposed the Russian threat actor Forest Blizzard (aka APT28, Sednit, Sofacy, and Fancy Bear), who has been using a custom tool called GooseEgg to elevate privileges and steal […]

The post Russian Hackers Exploiting Windows Print Spooler Using GooseEgg Tool appeared first on Cyber Security News.

abuse actor apt28 bear blizzard called code code execution credential credential theft cyber security escalation exploiting exposed fancy bear forest forest blizzard gooseegg hackers hacking tools malware microsoft print print spooler privilege privilege escalation privileges remote code remote code execution russian russian hackers sofacy system system privileges theft threat threat actor tool vulnerabilities vulnerability windows windows print spooler

More from cybersecuritynews.com / Cyber Security News

ShadowSyndicate Hackers Exploit Aiohttp Vulnerability To Steal Sensitive Data 10 hours ago | cybersecuritynews.com

access aiohttp vulnerability asynchronous attackers +25

Florida Man Arrested For Selling Fake Cisco Device To U.S. Military 10 hours ago | cybersecuritynews.com

arrested cisco computer counterfeit +25

How U.S K-12 Schools Can Solve Their Top 10 Cybersecurity Challenges – Free E-Book 10 hours ago | cybersecuritynews.com

access book can challenges +27

AI-Based Webshell Detection Model – Detailed Overview 11 hours ago | cybersecuritynews.com

access ai-based security attackers code +23

Critical OpenVPN Zero-Day Flaws Affecting Millions of Endpoints Across the Globe 13 hours ago | cybersecuritynews.com

android bsd critical cyber security +23

Operation PANDORA Shutdown 12 Fake Call Centers that Steal Over €10M 16 hours ago | cybersecuritynews.com

10 million a network call call centers +19

CISA & FBI Release Urges Developers to Eliminate Directory Traversal Vulnerabilities 17 hours ago | cybersecuritynews.com

agency alert bureau calling +24

LayerX Security Raises $24M for its Browser Security Platform, Enabling Employees to Work Securely from … 1 day, 9 hours ago | cybersecuritynews.com

browser browser security capital dell +24

Path Traversal Vulnerability In Popular Android Apps Let Attackers Overwrite Files 1 day, 9 hours ago | cybersecuritynews.com

aim android android apps android security +26

Senior Security Specialist, Forsah Technical and Vocational Education and Training (Forsah TVET) (NEW)

@ IREX | Ramallah, West Bank, Palestinian National Authority

View on infosec-jobs.com

Consultant(e) Junior Cybersécurité

@ Sia Partners | Paris, France

View on infosec-jobs.com

Senior Network Security Engineer

@ NielsenIQ | Mexico City, Mexico

View on infosec-jobs.com

Senior Consultant, Payment Intelligence

@ Visa | Washington, DC, United States

View on infosec-jobs.com

Corporate Counsel, Compliance

@ Okta | San Francisco, CA; Bellevue, WA; Chicago, IL; New York City; Washington, DC; Austin, TX

View on infosec-jobs.com

Security Operations Engineer

@ Samsara | Remote - US

View on infosec-jobs.com