Russian Group Forest Blizzard Deploying GooseEgg Tool to Exploit CVE-2022-38028
A Russian threat group known as Forest Blizzard has been using a custom tool called GooseEgg to exploit a Windows Print Spooler
SEARCH
Dennis Fisher
Editor in ChiefDennis Fisher is an award-winning journalist who has been covering information security and privacy since 2000.
He is one of the co-founders of Threatpost and previously wrote for TechTarget and eWeek, when magazines were still a thing that existed. Dennis enjoys finding the stories behind the headlines and digging into the motivations and thinking of both defenders and attackers. His work has appeared in The Boston Globe, The Improper Bostonian, Harvard Business School’s Working Knowledge, and most of his kids’ English papers.
- dennis@decipher.sc
- @dennisf
Featured Articles
UK Police Take Down LabHost Phishing Service
Europol and a collection of UK law enforcement agencies have disrupted the LabHost phishing platform, which targeted victims
3 Things We Still Don’t Know About the XZ Backdoor
The XZ Utils backdoor was a very subtle operation that took several years to pull off, and while some of the technical details are
Shade Ransomware Decryption Keys Published
The creators of the Shade ransomware have released the decryption keys for infected systems.
Decipher Podcast: Jeremy Oddo
Jeremy Oddo of Hollywood visualization studio The Third Floor joins Dennis Fisher to discuss the company's security challenges when moving to a fully remote workforce.
Decipher Podcast: David Brumley
David Brumley of Carnegie Mellon University and ForAllSecure joins Dennis Fisher to talk about securing the software supply chain.
Two iOS Zero Days Used in Limited Attacks
Two vulnerabilities affecting the Mail app in iOS have been used in targeted attacks and one of the flaws requires no user interaction for exploitation.
Four Zero Days Found in IBM Data Risk Manager
A security researcher discovered four zero day flaws in IBM's Data Risk Manager product that can lead to remote code execution.