A sophisticated phishing campaign is exploiting ADFS with spoofed login pages to bypass MFA and take over accounts. This report explains how attackers succeed, why legacy authentication is vulnerable, ...
The attackers responsible for the SolarWinds supply chain attack have added a new arrow to their quiver of misery: A post-compromise capability dubbed MagicWeb, which is used to maintain persistent ...
Conventional access control and detection mechanisms alone are no longer sufficient to protect enterprise Active Directory Federation Services (ADFS) environments against targeted attacks. With ...
A password spraying attack is a specialized password attack commonly used by attackers that is reasonably effective and helps avoid detection by traditional password defenses. Instead of trying many ...
A new report from Microsoft describes the first time a Global Assembly Cache (GAC) implant was seen in the wild. This new malware, known as MagicWeb, from Russia-based nation-state hacking group ...
A newly discovered vulnerability in Microsoft Corp.’s Activity Directory Federation Services allows hackers to bypass multifactor authentication safeguards in a potentially serious threat to a ...
The Microsoft Incident Response (IR) team this month published a fairly comprehensive guide for IT pros responsible for securing computing environments. The long "lessons learned" IR team post is for ...
Some results have been hidden because they may be inaccessible to you
Show inaccessible results
Feedback