Tag: SAML Attack

New Silver SAML Attack Evades Golden SAML Defenses in Identity Systems
News

New Silver SAML Attack Evades Golden SAML Defenses in Identity Systems

Researchers studying cybersecurity have unveiled Silver SAML, a novel attack method that can succeed even when countermeasures against Golden SAML attacks have been put in place. According to Semperis researchers Tomer Nahum and Eric Woodruff, Silver SAML "enables the exploitation of SAML to launch attacks from an identity provider like Entra ID against applications configured to use it for authentication, such as Salesforce," which was shared with The Hacker News. CyberArk published the first documentation for Golden SAML (Security Assertion Markup Language) in 2017. To put it briefly, the attack vector involves using the interoperable authentication standard improperly to pretend to be virtually any identity within an organization read more New Silver SAML Attack Evades Golden SAM...