#gooseegg — Public Fediverse posts

Live and recent posts from across the Fediverse tagged #gooseegg, aggregated by home.social.

  1. Microsoft reported that APT28 (Fancy Bear, Forest Blizzard) used a custom tool to elevate privileges and steal credentials in compromised networks. This GooseEgg tool leveraged CVE-2022-38028 (7.8 high, disclosed 11 October 2022 by Microsoft; Windows Print Spooler Elevation of Privilege Vulnerability) as a zero-day since at least June 2020 (possibly as early as April 2019), which was 2 years 4 months. APT28 is publicly attributed to the Russian General Staff Main Intelligence Directorate (GRU). IOC provided. 🔗 microsoft.com/en-us/security/b

    cc: @serghei @campuscodi @briankrebs @jwarminsky

    #APT28 #cyberespionage #Russia #FancyBear #ForestBlizzard #CVE_2022_38028 #eitw #activeexploitation #GooseEgg