Techly NewsGet the app

Get the latest tech news

Windows vulnerability reported by the NSA exploited to install Russian malware


Microsoft didn't disclose the in-the-wild exploits by Kremlin-backed group until now.

NOW YOU KNOW — Kremlin-backed hackers have been exploiting a critical Microsoft vulnerability for four years in attacks that targeted a vast array of organizations with a previously undocumented tool, the software maker disclosed Monday. On Monday, Microsoft revealed that a hacking group tracked under the name Forest Blizzard has been exploiting CVE-2022-38028 since at least June 2020—and possibly as early as April 2019. Advertisement Since as early as April 2019, Forest Blizzard has been exploiting CVE-2022-38028 in attacks that, once system privileges are acquired, use a previously undocumented tool that Microsoft calls GooseEgg.

Get the Android app

Or read this on Hacker News

Read more on:

Photo of Russian

Russian

Photo of nsa

nsa

Photo of russian malware

russian malware

Related news:

News photo

Mass use of guided bombs driving Russian advances, says Ukraine

News photo

Russian state TV has found itself a fur-clad, 'demonstratively heterosexual' GOP 'beauty' to fawn over: Marjorie Taylor Greene

News photo

Meta comms chief handed six-year Russian prison sentence for 'justifying terrorism'

« TSMC's debacle in the desert: Missed deadlines and tension among coworkers
Walmart-backed fintech One introduces buy now, pay later as it prepares bigger push into lending »