ESET experts discovered the malware, which is used by the hack group Evilnum, aimed at…
The malware, now discovered by Microsoft Threat Intelligence Center experts, is called FoggyWeb and is a “passive and highly targeted” backdoor that abuses Security Assertion Markup Language (SAML) tokens.
This tool has been in use since April 2021 and has been helping attackers remotely extract sensitive information from compromised AD FS servers by configuring HTTP levers for specific URIs to intercept GET and POST requests sent to the AD FS server.
Let me remind you that we also reported that Chinese hackers also took part in attacks on SolarWinds clients.
News-bpudepi.today is a domain that tries to trick you into subscribing to its browser notifications…
Doguhtam.xyz is a site that tries to trick you into subscribing to its browser notifications…
News-xlixoti.com is a site that tries to force you into subscribing to its browser notifications…
Ducesousightion.com is a domain that tries to trick you into clik to its browser notifications…
News-xlabica.live is a domain that tries to trick you into clik to its browser notifications…
Mergechain.co.in is a site that tries to trick you into subscribing to its browser notifications…