Techly NewsGet the app

Get the latest tech news

Echoes of SolarWinds in New 'Silver SAML' Attack Technique


A successor to the "Golden SAML" tactic used in the SolarWinds campaign, this new technique taps SAML response forgery to gain illegitimate access to apps and services.

The technique involved stealing the victim organization's Active Directory Federation Services (ADFS) token-signing certificate and using it to forge SAML response tokens. It also works in Microsoft Entra ID (formerly Azure AD) and any other identity provider environment that permits the import of externally generated SAML signing certifications, Semperis said. The research highlights why organizations that use externally generated certificates should take care to manage them securely and ensure they are protected as a Tier 0 — or critical — resource, he says.

Get the Android app

Or read this on r/technology

Read more on:

Photo of SolarWinds

SolarWinds

Photo of echoes

echoes

Photo of silver saml

silver saml

Related news:

News photo

Russia cyber spies behind SolarWinds breach adopting new tactics, warn Five Eyes agencies

News photo

SolarWinds fixes critical RCE bugs in access rights audit solution

News photo

The first Final Fantasy XVI DLC 'Echoes of the Fallen' is out now

« Pimco Sees Swelling Deficit Dragging Bonds ‘Back to the Future’
A viral photo of a guy smoking in McDonald's is completely fake — and of course made by AI »