CRN

SolarWinds Hackers Stole Info From Microsoft AD Servers In New Attack

‘What I cannot get is why customers still do not protect their AD FS keys in an HSM - if they still use AD FS. This was a key vector during the SolarWinds attack and the actor behind it is still ...
Threat Post

SolarWinds Attackers Hit Active Directory Servers with FoggyWeb Backdoor

Microsoft is warning that the Nobelium APT is compromising single-sign-on servers to install a post-exploitation backdoor that steals data and maintains network persistence. The threat actors behind ...
Dark Reading

Microsoft Warns of 'FoggyWeb' Malware Targeting AD FS Servers

The attack group Microsoft tracks as Nobelium is using a new post-exploitation backdoor capable of stealing sensitive data from a compromised Active Directory Federation Services (AD FS) server, the ...