CISA Warns of Windows Print Spooler Flaw After Microsoft Sees Russian Exploitation

April 24, 2024 at 09:15AM The US cybersecurity agency CISA has added a two-year-old Windows Print Spooler flaw, CVE-2022-38028, to its Known Exploited Vulnerabilities catalog due to exploitation by APT28. Federal agencies are required to address this vulnerability within three weeks, while all organizations are urged to perform vulnerability assessments and apply the available patches …

Old Windows print spooler bug is latest target of Russia’s Fancy Bear gang

April 22, 2024 at 09:21PM Russian spies have leveraged a Windows print spooler vulnerability to deploy GooseEgg, a custom tool, for stealing credentials and elevating privileges in compromised networks. Microsoft’s threat intelligence team revealed exploitation involving the Forest Blizzard group, linked to Russian intelligence. Microsoft patched the vulnerability in October 2022 and provided recommendations for …

Microsoft: APT28 hackers exploit Windows flaw reported by NSA

April 22, 2024 at 06:34PM Microsoft warned that the Russian APT28 threat group exploits a Windows Print Spooler vulnerability using a new hacking tool called GooseEgg. APT28 has used GooseEgg since June 2020, potentially earlier, to launch malicious payloads, escalate privileges, and attack government and non-governmental organizations. APT28 has a history of high-profile cyber attacks. …

Microsoft: APT28 hackers exploit Windows flaw reported by NSA

April 22, 2024 at 01:25PM Microsoft warns that the Russian APT28 group’s GooseEgg tool exploits a Windows Print Spooler vulnerability to escalate privileges and steal data. The group, linked to Russia’s GRU, deploys GooseEgg using Windows batch scripts, dropping a malicious DLL to gain SYSTEM-level access. GooseEgg has been used in cyber attacks against various government and …