Security news that informs and inspires

2236 articles by

Russian Group Forest Blizzard Deploying GooseEgg Tool to Exploit CVE-2022-38028

A Russian threat group known as Forest Blizzard has been using a custom tool called GooseEgg to exploit a Windows Print Spooler vulnerability (CVE-2022-38028) for several years.

Microsoft, Russia

Decipher Podcast: Source Code 4/19

Welcome back to the Source Code podcast, Decipher’s weekly news wrap podcast with input from our sources.

Source Code

A Decade of Sandworm: Digging into APT44’s Past and Future

Decipher’s Lindsey O’Donnell-Welch and Mandiant analysts Dan Black and Gabby Roncone reflect on the most pivotal moments from Sandworm over the last decade, from NotPetya to the Ukraine electric power grid attacks.

APT, Video

OpenMetadata Bugs Enable Kubernetes Cryptomining Attacks

Threat actors have been exploiting known vulnerabilities in the open-source platform OpenMetadata to access Kubernetes workloads and use them for cryptomining.

Kubernetes

UK Police Take Down LabHost Phishing Service

Europol and a collection of UK law enforcement agencies have disrupted the LabHost phishing platform, which targeted victims globally.

Ransomware, LabHost