web analytics

SAML Post-Intrusion Attack Mirrors ‘Golden Ticket’

 

24th November 2017 By Tom Spring

 

Researchers at CyberArk Labs have created a post-intrusion attack technique known as a Golden SAML that could allow an attacker to fake enterprise user identities and forge authentication to gain access to valuable cloud resources in a federation environment.

 

“Using this post-exploit technique, attackers can become any user they want to be – with the highest level of privileges – and gain approved, federated access to a targeted app,” according to CyberArk Labs who revealed the attack technique this week.

 

Full Article.

Take a look at the best antivirus, anti-malware, anti-spy, etc. software

Powered by WPeMatico