APT29 targeting Microsoft 365 (Campaign)

[email protected] (Wiz Threat Research) 2022-08-22T00:00:00+00:00 View Original

Full Report

On 2022-08-22, a campaign was reported, involving APT29, gaining initial access via , while using Add attacker-controlled IdP via ADFS access, Disable logging, MFA enrollment, Auth token signing via Golden SAML, Auth token signing via ADFS access,.

Analysis Summary