CSOonline

APT29 targets Active Directory Federation Services with stealthy backdoor

Security researchers have recently seen a notorious cyberespionage group with ties to the Russian government deploy a new backdoor that’s designed to hook into Active Directory Federation Services (AD ...
Threat Post

SolarWinds Attackers Hit Active Directory Servers with FoggyWeb Backdoor

Microsoft is warning that the Nobelium APT is compromising single-sign-on servers to install a post-exploitation backdoor that steals data and maintains network persistence. The threat actors behind ...
Dark Reading

Microsoft Warns of 'FoggyWeb' Malware Targeting AD FS Servers

The attack group Microsoft tracks as Nobelium is using a new post-exploitation backdoor capable of stealing sensitive data from a compromised Active Directory Federation Services (AD FS) server, the ...