Bleeping Computer

Microsoft: Russian malware hijacks ADFS to log in as anyone in Windows

Microsoft has discovered a new malware used by the Russian hacker group APT29 (a.k.a. NOBELIUM, Cozy Bear) that enables authentication as anyone in a compromised network. As a state-sponsored ...
Redmond Magazine

Targeting Microsoft ADFS: How Phishing Campaigns Bypass Multi-Factor Authentication to Enable Account Takeover

A sophisticated phishing campaign is targeting organizations that rely on Microsoft’s Active Directory Federation Services (ADFS), using spoofed login pages to harvest credentials and bypass ...