New Silver SAML Attack Lets Attackers Forge Any SAML Response To Entra ID

The SolarWinds cyberattack was one of the largest attacks of the century. Attackers deployed malicious code into the Orion IT management and monitoring software and used the Golden SAML attack in post-breach exploitation, affecting thousands of organizations all over the world, including the United States government. After the massive cyberattack, CISA recommended that organizations with hybrid environments move to a cloud identity system such as Entra ID. However, a new technique dubbed Silver SAML has been discovered that could bypass security recommendations and exploit Entra ID using applications.

Source: GBHackers

 

