elevation of privilege Archives - ThreatsHub Cybersecurity News

Analyzing Forest Blizzard’s custom post-compromise tool for exploiting CVE-2022-38028 to obtain credentials

April 22, 2024 TH Author Blizzard, elevation of privilege, Forest Blizzard (STRONTIUM), Government, Non-governmental organizations (NGOs), Windows

Since 2019, Forest Blizzard has used a custom post-compromise tool to exploit a vulnerability in the Windows Print Spooler service that allows elevated permissions. Microsoft has issued a security update addressing this vulnerability as CVE-2022-38028.
The post Analyzing Forest Blizzard’s custom post-compromise tool for exploiting CVE-2022-38028 to obtain credentials appeared first on Microsoft Security Blog. READ MORE HERE…

Microsoft Secure

Octo Tempest crosses boundaries to facilitate extortion, encryption, and destruction

October 25, 2023 TH Author Adversary-in-the-middle (AiTM), Credential Theft, elevation of privilege, extortion, human-operated ransomware, ransomware as a service, Tempest

Microsoft has been tracking activity related to the financially motivated threat actor Octo Tempest, whose evolving campaigns represent a growing concern for many organizations across multiple industries.
The post Octo Tempest crosses boundaries to facilitate extortion, encryption, and destruction appeared first on Microsoft Security Blog. READ MORE HERE…