A Russian threat group known as Forest Blizzard has been using a custom tool called GooseEgg to exploit a Windows Print Spooler vulnerability (CVE-2022-38028) for several years.
New research shows the TinyTurla-NG backdoor uses the Chisel open-source attack framework for some communications and has a variety of post-compromise capabilities.
SentinelLabs researchers have discovered a new wiper malware called AcidPour in Ukraine, which appears to be a new version of the AcidRain malware.
The Russian threat group known as Midnight Blizzard and APT29 gained access to some Microsoft source code repositories and other sensitive data, the company said.
CISA and some of its foreign partner agencies are warning that APT29 is using a variety of techniques to target cloud services and accounts.