Threat Post

SAML Post-Intrusion Attack Mirrors ‘Golden Ticket’

A proof-of-concept attack demonstrates how adversaries can abuse the Security Assertion Markup Language framework to go unnoticed and assume multiple user identities. Researchers at CyberArk Labs have ...
Dark Reading

Echoes of SolarWinds in New 'Silver SAML' Attack Technique

After the threat actor behind the SolarWinds attack compromised the company's Orion network management product and leveraged it to break into target enterprise networks, the group often used a ...
Bleeping Computer

Golden SAML Attack Lets Attackers Forge Authentication to Cloud Apps

A new technique called "Golden SAML" lets attackers forge authentication requests and access the cloud-based apps of companies that use SAML-compatible domain controllers (DCs) for the authentication ...