www.itechpost.com
35.190.8.4  Public Scan

URL: http://www.itechpost.com/articles/107166/20210929/new-microsoft-malware-steal-credentials-sensitive-info-stop-foggyweb-at...
Submission: On September 30 via api from GB — Scanned from DE

Form analysis 3 forms found in the DOM

GET /search

<form class="main-search" method="get" action="/search">
  <input class="has-search-icon" name="q" type="search">
  <button aria-label="go" class="visually-hidden">Go</button>
</form>

GET /search

<form action="/search" method="get">
  <input class="has-search-icon" name="q" type="search" placeholder="Search iTech Post">
  <button class="visually-hidden">Go</button>
</form>

POST /home/news/newsletter/mailchimp_insert.php

<form id="newsletterform" method="post" onsubmit="return false;" action="/home/news/newsletter/mailchimp_insert.php">
  <input type="email" id="newsletter-email" placeholder="Email Address">
  <button id="nlsubmit3">Submit</button>
</form>

Text Content

Czarina Grace Tech 09.29.2021 04:Sep AM EDT


NEW MICROSOFT MALWARE CAN STEAL YOUR CREDENTIALS, SENSITIVE INFO: HOW TO STOP
FOGGYWEB FROM ATTACKING YOU



The FoggyWeb malware is a utility tool that helps hackers steal user data,
access admin-level permissions, and stay inside networks even after clean-up.
Photo : JACK GUEZ/AFP/Getty Images

Remember the SolarWinds hack? Microsoft recently discovered another piece of
malware used by hackers during the attack. The FoggyWeb malware is a utility
tool that helps hackers steal user data, access admin-level permissions, and
stay inside networks even after clean-up.

Business industries and companies are often warned about cybersecurity risks on
the internet. One of the most iconic examples is the SolarWinds software supply
chain attack, which leaked the information of over 18,000 customers and the
confidential data of nine U.S. government agencies last year.



Ongoing research is trying to unpack the scary details of the malware attacks.


MICROSOFT WARNING: NOBELIUM MODULES

According to ZDNet, the U.S. and U.K. initially blamed the Russian Foreign
Intelligence Service (SVR) hacking unit APT29, Cozy Bear, and The Dukes.
Security researchers later discovered that these cyberattacks started from the
Nobelium attack group.

Microsoft discovered how Nobelium had different malware components like GoldMax,
GoldFinder, and Sibot. Nobelium was later linked to groups like
Sunburst/Solarigate, Teardrop, and Sunspot.

The most recent malware discovered is called FoggyWeb. It is a backdoor system
used by attackers on a targeted server that was already compromised.



NEW MICROSOFT MALWARE CAN STEAL YOUR CREDENTIALS

ZDNet explained how FoggyWeb uses several tactics to steal network usernames and
passwords from the device. Hackers later get admin-level access to the Active
Directory Federation Services (AD FS) servers, where they could hide corrupted
code, steal secondary user identity, access management infrastructure, and
control user access to company apps and resources.

Even worse, FoggyWeb lets hackers hide inside the network during system
clean-up, keeping hackers safe from anti-virus detections.

Ramin Nafisi, a member of the Microsoft Threat Intelligence Center, said that
"Nobelium uses FoggyWeb to remotely exfiltrate the configuration database of
compromised AD FS servers, decrypted token-signing certificate, and
token-decryption certificate, as well as to download and execute additional
components," per ZDNet.

FoggyWeb is a passive and highly utilized backdoor tool used by many hackers.
Unfortunately, as previously mentioned, the malware is extremely hard to
detect.

Microsoft recommends that potentially affected customers should take three key
steps to ensure their protection:

 * Auditing on-premise and cloud infrastructure for configurations and per-user
   and per-app settings.
 * Removing user and app access, reviewing configurations, and re-issuing new,
   strong credentials.
 * Using a hardware security module to prevent FoggyWeb from stealing secrets
   from AD FS servers.


OTHER CYBERSECURITY THREATS YOU SHOULD BE AWARE OF

Aside from FoggyWeb, two hacking strategies have rapidly gained popularity in
the last few months. Users and businesses are warned to remain alert and
careful about TangleBot and phishing scams.

 * TangleBot: An Android malware that could access user microphones, cameras,
   SMS, call logs, internet, and GPS without their awareness. There are nine
   ways to prevent TangleBot from infecting a device.
 * Phishing scams and email attacks: Security company Tessian warned about
   hacking strategies that exploit employee accounts to access the company
   website. Here are eight warning signs that your device could be in danger.



© 2021 iTech Post All rights reserved. Do not reproduce without permission.
