Dark Reading

Echoes of SolarWinds in New 'Silver SAML' Attack Technique

After the threat actor behind the SolarWinds attack compromised the company's Orion network management product and leveraged it to break into target enterprise networks, the group often used a ...
Bleeping Computer

NSA warns of hackers forging cloud authentication information

An advisory from the U.S. National Security Agency provides Microsoft Azure administrators guidance to detect and protect against threat actors looking to access resources in the cloud by forging ...
Redmond Magazine

Microsoft Previews SAML Token Encryption in Azure Active Directory

Microsoft has been adding to its Azure Active Directory capabilities in recent weeks. New capabilities at the preview stage were announced. Microsoft also rolled out an ability to detect Microsoft ...
Security Boulevard

12 Microsoft Entra ID SAML Errors That Break Enterprise Logins and How to Resolve Them

Fix the 12 most common Entra ID SAML errors B2B SaaS teams hit (AADSTS50105, signature mismatch, NameID, clock skew) with exact debug steps.
Bleeping Computer

Microsoft: SolarWinds hackers' goal was the victims' cloud data

Microsoft says that the end goal of the SolarWinds supply chain compromise was to pivot to the victims' cloud assets after deploying the Sunburst/Solorigate backdoor on their local networks. No new ...
Krebs on Security

Tag Archives: SAML token compromise

U.S. government cybersecurity agencies warned this week that the attackers behind the widespread hacking spree stemming from the compromise at network software firm SolarWinds used weaknesses in other ...