CVE-2022-38028

Microsoft: APT28 hackers exploit Windows flaw reported by NSA By Sergiu Gatlan April 22, 2024 01:22 PM 0 ​Microsoft warns that the Russian APT28 threat group exploits a Windows Print Spooler vulnerability to escalate privileges and steal credentials and data using a previously unknown hacking tool called GooseEgg. APT28 has been using this tool to exploit the CVE-2022-38028 vulnerability "since at least June 2020 and possibly as early as April 2019." Redmond fixed the vulnerability&n...

Microsoft: APT28 hackers exploit Windows flaw reported by NSA By Sergiu Gatlan April 22, 2024 01:22 PM 0 ​Microsoft warns that the Russian APT28 threat group exploits a Windows Print Spooler vulnerability to escalate privileges and steal credentials and data using a previously unknown hacking tool called GooseEgg. APT28 designed this tool to target the CVE-2022-38028 vulnerability reported by the U.S. National Security Agency, which Redmond fixed during the Microsoft October 2022 Patch Tuesday...

Topics Security Off-Prem On-Prem Software Offbeat Special Features Vendor Voice Vendor Voice Resources Putin's pals use 'GooseEgg' malware to launch attacks you can defeat with patches or deletion

Russian spies are exploiting a years-old Windows print spooler vulnerability and using a custom tool called GooseEgg to elevate privileges and steal credentials across compromised networks, according to Microsoft Threat Intelligence. Redmond's threat hunters on Monday published findings from the team's investigation into the specialty malware developed by Forest Blizzard (aka Fancy Bear) – the cyber espionage crew that the US and UK governments have linked to the Russian General Staff Main Int...