Russia-linked APT28 used post-compromise tool GooseEgg to exploit CVE-2022-38028 Windows flaw
Security Affairs
APRIL 22, 2024
APT28 deployed GooseEgg to gain elevated access to target systems and steal credentials and sensitive information. GooseEgg is usually deployed with a batch script, commonly named execute.bat or doit.bat. This script creates a file named servtask.bat, which includes commands for saving or compressing registry hives.
Let's personalize your content