125 matches found
Windows Active Directory Federation Services (ADFS) Information Disclosure Vulnerability
Insertion of sensitive information into log file in Active Directory Federation Services allows an unauthorized attacker to disclose information locally...
EUVD-2019-1710
Malware in sbrugna...
EUVD-2018-8594
Malware in sbrugna...
EUVD-2019-9838
Malware in sbrugna...
EUVD-2017-0410
Malware in sbrugna...
EUVD-2020-11948
Malware in sbrugna...
EUVD-2015-7860
Malware in sbrugna...
CVE-2020-1055
A cross-site-scripting XSS vulnerability exists when Active Directory Federation Services ADFS does not properly sanitize user inputs, aka 'Microsoft Active Directory Federation Services Cross-Site Scripting Vulnerability'...
CVE-2019-1273
A cross-site-scripting XSS vulnerability exists when Active Directory Federation Services ADFS does not properly sanitize certain error messages, aka 'Active Directory Federation Services XSS Vulnerability'...
New Silver SAML Attack Evades Golden SAML Defenses in Identity Systems
Cybersecurity researchers have disclosed a new attack technique called Silver SAML that can be successful even in cases where mitigations have been applied against Golden SAML attacks. Silver SAML "enables the exploitation of SAML to launch attacks from an identity provider like Entra ID against...
ADFS Relying Party Trusts Disclosure
Microsoft Active Directory Federation Services ADFS is a very popular Single Sign On SSO feature offering identity federation to organizations. An ADFS server can be configured to show a login page to connect to corporate applications directly from this Identity Provider IdP. When enabled, this w...
May 9, 2023—KB5026370 (OS Build 20348.1726)
May 9, 2023—KB5026370 OS Build 20348.1726 For information about Windows update terminology, see the article about the types of Windows updates and the monthly quality update types. For an overview of Windows Server 2022, see its update history page. Note Follow @WindowsUpdate to find out when new...
Solving one of NOBELIUM’s most novel attacks: Cyberattack Series
Our story begins with eight Microsoft Detection and Response Team DART analysts gathered around a customer’s conference room to solve a cybersecurity mystery. Joined by members of the customer’s cybersecurity team, they were there to figure out how a Russia-based nation-state hacking group known ...
CVE-2022-30215
Active Directory Federation Services Elevation of Privilege Vulnerability...
Privilege escalation
Active Directory Federation Services Elevation of Privilege Vulnerability...
The vulnerability of the Active Directory Federation Services (AD FS) for Windows operating systems allows a perpetrator to circumvent security restrictions and enhance their privileges.
The vulnerability of the Active Directory Federation Services AD FS for Windows operating systems is related to security configuration errors. Exploiting this vulnerability can allow a malicious actor to bypass security restrictions and increase their privileges...
SolarWinds Attackers Hit Active Directory Servers with FoggyWeb Backdoor
The threat actors behind the notorious SolarWinds supply-chain attacks have dispatched new malware to steal data and maintain persistence on victims’ networks, researchers have found. Researchers from the Microsoft Threat Intelligence Center MSTIC have observed the APT it calls Nobelium using a...
FoggyWeb: Targeted NOBELIUM malware leads to persistent backdoor
Microsoft continues to work with partners and customers to track and expand our knowledge of the threat actor we refer to as NOBELIUM, the actor behind the SUNBURST backdoor, TEARDROP malware, and related components. As we stated before, we suspect that NOBELIUM can draw from significant...
Microsoft Active Directory Federation Services 安全特征问题漏洞
Windows Server is the brand name of a series of server operating systems released by Microsoft, including all Windows operating systems released under the brand name "Windows Server." ADFS in Microsoft Windows Server is vulnerable to a security ADFS in Microsoft Windows Server is vulnerable to a...
Abusing Replication: Stealing AD FS Secrets Over the Network
Organizations are increasingly adopting cloud-based services such as Microsoft 365 to host applications and data. Sophisticated threat actors are catching on and Mandiant has observed an increased focus on long-term persistent access to Microsoft 365 as one of their primary objectives. The focus ...