APT28 Exploits Windows Print Spooler Flaw with GooseEgg
APT28 Exploits Windows Print Spooler Flaw with GooseEgg
Summary:
APT28, a Russia-based threat actor, exploited a vulnerability (CVE-2022-38028) in Windows Print Spooler using malware named GooseEgg. This gave them privilege to install additional malware or move laterally within the network to find more sensitive systems. Patching Print Spooler vulnerabilities like CVE-2022-38028 is crucial to mitigate these attacks.
Threat Level – Red | Attack Report
To receive real-time threat advisories, please follow HiveForce Labs on LinkedIn.