CRN

SolarWinds Hackers Stole Info From Microsoft AD Servers In New Attack

‘What I cannot get is why customers still do not protect their AD FS keys in an HSM - if they still use AD FS. This was a key vector during the SolarWinds attack and the actor behind it is still ...
Threat Post

SolarWinds Attackers Hit Active Directory Servers with FoggyWeb Backdoor

Microsoft is warning that the Nobelium APT is compromising single-sign-on servers to install a post-exploitation backdoor that steals data and maintains network persistence. The threat actors behind ...
Bleeping Computer

Microsoft: Nobelium uses custom malware to backdoor Windows domains

Microsoft has discovered new malware used by the Nobelium hacking group to deploy additional payloads and steal sensitive info from Active Directory Federation Services (AD FS) servers. Nobelium, the ...
Dark Reading

Microsoft Warns of 'FoggyWeb' Malware Targeting AD FS Servers

The attack group Microsoft tracks as Nobelium is using a new post-exploitation backdoor capable of stealing sensitive data from a compromised Active Directory Federation Services (AD FS) server, the ...