Microsoft: APT28 hackers exploit Windows flaw reported by NSA BleepingComputerAnalyzing Forest Blizzard’s custom post-compromise tool for exploiting CVE-2022-38028 to obtain credentials MicrosoftWindows vulnerability reported by the NSA exploited to install Russian malware Ars TechnicaRussian Group Forest Blizzard Deploying GooseEgg Tool to Exploit CVE-2022-38028 Duo SecurityMicrosoft unmasks Russia-linked ‘GooseEgg’ malware The Record from Recorded Future News