Lucene search

7 matches found

The Hacker News
added 2022/08/25 1:24 p.m., 60 views

Microsoft Uncovers New Post-Compromise Malware Used by Nobelium Hackers

The threat actor behind the SolarWinds supply chain attack has been linked to yet another "highly targeted" post-exploitation malware that could be used to maintain persistent access to compromised environments. Dubbed MagicWeb by Microsoft's threat intelligence teams, the development reiterates...

AI score: 0.2
Exploits: 0

HackRead
added 2021/09/28 9:30 p.m., 69 views

Microsoft warns of Nobelium hackers using FoggyWeb backdoor

By Waqas. Microsoft warns of the FoggyWeb backdoor used by Nobelium, the same hacking group behind SolarWinds supply-chain attacks. This is a post from HackRead.com. Read the original post: Microsoft warns of Nobelium hackers using FoggyWeb backdoor...

AI score: 1.9
Exploits: 0

Malwarebytes
added 2021/09/28 3:23 p.m., 73 views

FoggyWeb, analysis of a Nobelium backdoor

Microsoft's Threat Intelligence Center has been analyzing a custom-built backdoor that has been used by the Nobelium group since April 2021. Nobelium is the name given to the threat actor behind the attacks against SolarWinds, the Sunburst backdoor, TEARDROP malware, GoldMax malware, and other...

AI score: 7.7
Exploits: 0

ThreatPost
added 2021/09/28 2:39 p.m., 49 views

SolarWinds Attackers Hit Active Directory Servers with FoggyWeb Backdoor

The threat actors behind the notorious SolarWinds supply-chain attacks have dispatched new malware to steal data and maintain persistence on victims’ networks, researchers have found. Researchers from the Microsoft Threat Intelligence Center (MSTIC) have observed the APT it calls Nobelium using a...

CVSS: 9.8, AI score: 9, EPSS: 0.99999
Exploits: 11, References: 12

The Hacker News
added 2021/09/28 6:15 a.m., 32 views

Microsoft Warns of FoggyWeb Malware Targeting Active Directory FS Servers

Microsoft on Monday revealed new malware deployed by the hacking group behind the SolarWinds supply chain attack last December to deliver additional payloads and steal sensitive information from Active Directory Federation Services (AD FS) servers. The tech giant's Threat Intelligence Center (MSTIC)...

AI score: 7.2
Exploits: 0

Microsoft Secure
added 2021/09/27 7:0 p.m., 48 views

FoggyWeb: Targeted NOBELIUM malware leads to persistent backdoor

Microsoft continues to work with partners and customers to track and expand our knowledge of the threat actor we refer to as NOBELIUM, the actor behind the SUNBURST backdoor, TEARDROP malware, and related components. As we stated before, we suspect that NOBELIUM can draw from significant...

AI score: 8.1
Exploits: 0

Microsoft Malware Protection
added 2021/09/27 7:0 p.m., 38 views

FoggyWeb: Targeted NOBELIUM malware leads to persistent backdoor

Microsoft continues to work with partners and customers to track and expand our knowledge of the threat actor we refer to as NOBELIUM, the actor behind the SUNBURST backdoor, TEARDROP malware, and related components. As we stated before, we suspect that NOBELIUM can draw from significant...

AI score: 8.1
Exploits: 0