7 matches found
Microsoft Uncovers New Post-Compromise Malware Used by Nobelium Hackers
The threat actor behind the SolarWinds supply chain attack has been linked to yet another "highly targeted" post-exploitation malware that could be used to maintain persistent access to compromised environments. Dubbed MagicWeb by Microsoft's threat intelligence teams, the development reiterates...
Microsoft warns of Nobelium hackers using FoggyWeb backdoor
By Waqas Microsoft warns of the FoggyWeb backdoor used by Nobelium, the same hacking group behind SolarWinds supply-chain attacks. This is a post from HackRead.com Read the original post: Microsoft warns of Nobelium hackers using FoggyWeb backdoor...
FoggyWeb, analysis of a Nobelium backdoor
Microsofts Threat Intelligence Center has been analyzing a custom-built backdoor that has been used by the Nobelium group since April 2021. Nobelium is the name given to the threat actor behind the attacks against SolarWinds, the Sunburst backdoor, TEARDROP malware, GoldMax malware, and other...
SolarWinds Attackers Hit Active Directory Servers with FoggyWeb Backdoor
The threat actors behind the notorious SolarWinds supply-chain attacks have dispatched new malware to steal data and maintain persistence on victims’ networks, researchers have found. Researchers from the Microsoft Threat Intelligence Center MSTIC have observed the APT it calls Nobelium using a...
Microsoft Warns of FoggyWeb Malware Targeting Active Directory FS Servers
Microsoft on Monday revealed new malware deployed by the hacking group behind the SolarWinds supply chain attack last December to deliver additional payloads and steal sensitive information from Active Directory Federation Services AD FS servers. The tech giant's Threat Intelligence Center MSTIC...
FoggyWeb: Targeted NOBELIUM malware leads to persistent backdoor
Microsoft continues to work with partners and customers to track and expand our knowledge of the threat actor we refer to as NOBELIUM, the actor behind the SUNBURST backdoor, TEARDROP malware, and related components. As we stated before, we suspect that NOBELIUM can draw from significant...
FoggyWeb: Targeted NOBELIUM malware leads to persistent backdoor
Microsoft continues to work with partners and customers to track and expand our knowledge of the threat actor we refer to as NOBELIUM, the actor behind the SUNBURST backdoor, TEARDROP malware, and related components. As we stated before, we suspect that NOBELIUM can draw from significant...