forest blizzard (strontium) – Computer Security Articles

Analyzing Forest Blizzard’s custom post-compromise tool for exploiting CVE-2022-38028 to obtain credentials

April 23, 2024 admin blizzard, elevation of privilege, forest blizzard (strontium), Government, non-governmental organizations (ngos), windows

Credit to Author: Microsoft Threat Intelligence| Date: Mon, 22 Apr 2024 16:00:00 +0000

Since 2019, Forest Blizzard has used a custom post-compromise tool to exploit a vulnerability in the Windows Print Spooler service that allows elevated permissions. Microsoft has issued a security update addressing this vulnerability as CVE-2022-38028.

The post Analyzing Forest Blizzard’s custom post-compromise tool for exploiting CVE-2022-38028 to obtain credentials appeared first on Microsoft Security Blog.

Microsoft Security

Staying ahead of threat actors in the age of AI

February 14, 2024 admin blizzard, forest blizzard (strontium), Government, mitre att&ck, non-governmental organizations (ngos), Sandstorm, sleet, Typhoon

Credit to Author: Microsoft Threat Intelligence| Date: Wed, 14 Feb 2024 12:00:00 +0000

Microsoft, in collaboration with OpenAI, is publishing research on emerging threats in the age of AI, focusing on identified activity associated with known threat actors Forest Blizzard, Emerald Sleet, Crimson Sandstorm, and others. The observed activity includes prompt-injections, attempted misuse of large language models (LLM), and fraud.

The post Staying ahead of threat actors in the age of AI appeared first on Microsoft Security Blog.