
Forest Blizzard leverages router compromises to launch AiTM attacks, target Outlook sessions
Russian threat actor Forest Blizzard has been exploiting unsecured home and small-office internet equipment, such as routers, to redirect traffic through attacker-controlled DNS servers. The group has leveraged this DNS hijacking activity to support post-compromise adversary-in-the-middle (AiTM) attacks on Transport Layer Security (TLS) connections, targeting Microsoft Outlook on the web domains, according to a Microsoft Threat Intelligence report. By compromising upstream edge devices, the attackers can exploit less-monitored networks and use them as a pathway to access enterprise environments. More than 200 organizations and over 5,000 consumer devices have already been impacted by...