Microsoft warned about a new post-exploitation backdoor named FoggyWeb. A backdoor mainly created to gain admin-level access to Active Directory Federation Services (AD FS) servers. We have created this post to let you know how to protect your AD FS servers from the FoggyWeb backdoor.
1. What Is Active Directory Federation Services (AD FS)? 2. Who Created The FoggyWeb Backdoor Malware? 3. Why Was FoggyWeb Backdoor Created? 4. Indicators Of Compromise (IOCs) Of FoggyWeb Backdoor: 5. How To Protect AD FS From The FoggyWeb Backdoor?