The Russia-based threat actor, known as APT28 or Forest Blizzard, has recently been exploiting a vulnerability known as CVE-2022-38028 within the Windows Print Spooler service using a malware called GooseEgg. CVE-2022-38028 represents an elevation of privilege vulnerability which could enable attackers to install additional malware like a backdoor or they could use these elevated privileges to perform lateral movement through the network to discover other systems that hold more sensitive information. Organizations that have not
Read MoreApril 24, 2024