"Microsoft: APT28 Hackers Exploit Windows Flaw Reported by NSA"

Microsoft warns that the Russian threat group "APT28" uses "GooseEgg," a previously unknown hacking tool, to exploit a Windows Print Spooler vulnerability. Through this exploitation, they escalate privileges as well as steal credentials and data. APT28 created this tool to target the vulnerability, tracked as CVE-2022-38028 and reported by the US National Security Agency (NSA.) Redmond fixed the flaw during the Microsoft October 2022 Patch Tuesday. Hackers from the Military Unit 26165 of Russia's Main Intelligence Directorate of the General Staff (GRU) use the tool to launch additional malicious tools and execute different commands with SYSTEM privileges. This article continues to discuss the APT28 threat group's exploitation of a Windows Print Spooler vulnerability using GooseEgg.

Bleeping Computer reports "Microsoft: APT28 Hackers Exploit Windows Flaw Reported by NSA"

Submitted by grigby1