Russian Group Forest Blizzard Deploying GooseEgg Tool to Exploit CVE-2022-38028
A Russian threat group known as Forest Blizzard has been using a custom tool called GooseEgg to exploit a Windows Print Spooler
SEARCH
Dennis Fisher
Editor in ChiefDennis Fisher is an award-winning journalist who has been covering information security and privacy since 2000.
He is one of the co-founders of Threatpost and previously wrote for TechTarget and eWeek, when magazines were still a thing that existed. Dennis enjoys finding the stories behind the headlines and digging into the motivations and thinking of both defenders and attackers. His work has appeared in The Boston Globe, The Improper Bostonian, Harvard Business School’s Working Knowledge, and most of his kids’ English papers.
- dennis@decipher.sc
- @dennisf
Featured Articles
UK Police Take Down LabHost Phishing Service
Europol and a collection of UK law enforcement agencies have disrupted the LabHost phishing platform, which targeted victims
3 Things We Still Don’t Know About the XZ Backdoor
The XZ Utils backdoor was a very subtle operation that took several years to pull off, and while some of the technical details are
Exploits Circulating for Windows MSHTML Zero Day
Some proof-of-concept exploits have begun circulating for CVE-2021-40444 and no patch is yet available.
Attackers Exploiting Critical Flaw in Zoho Password Management Tool
Attackers are exploiting an authentication bypass flaw in Zoho's ManageEngine ADSelfService Plus password management app.
Decipher Podcast: Amélie Koran
Amélie Koran joins Dennis Fisher to talk about her start in computing with a Commodore 64, her early years in the private sector, and her security and policy work in several federal government agencies.
Microsoft Warns of Attacks on Windows MSHTML Zero Day
Attackers are exploiting a new zero day flaw in Windows (CVE-2021-40444) in targeted attacks.
Slow Uptake on Critical Confluence Update
New data shows that enterprises are not updating their Confluence instances to address a critical code execution flaw.