identity provider

SAML Post-Intrusion Attack Mirrors ‘Golden Ticket’

A proof-of-concept attack demonstrates how adversaries can abuse the Security Assertion Markup Language framework to go unnoticed and assume multiple user identities.

Slack Plugs ‘Severe’ SAML User Authentication Hole

Cloud-based communications platform Slack finished patching a severe security hole Thursday affecting portions of its platform that used Security Assertion Markup Language for user authentication.

identity provider

SAML Post-Intrusion Attack Mirrors ‘Golden Ticket’

Slack Plugs ‘Severe’ SAML User Authentication Hole

Editor's Picks

19-Year-Old WinRAR Flaw Plagues 500 Million Users

Researcher: Not Hard for a Hacker to Capsize a Ship at Sea

Password Manager Firms Blast Back at ‘Leaky Password’ Revelations

New GandCrab Decryptor Unlocks Files of Updated Ransomware

When Cyberattacks Pack a Physical Punch

Topics

Authors

Threatpost

Subscribe to our Threatpost Today newsletter

identity provider

SAML Post-Intrusion Attack Mirrors ‘Golden Ticket’

Slack Plugs ‘Severe’ SAML User Authentication Hole

Editor's Picks

19-Year-Old WinRAR Flaw Plagues 500 Million Users

Researcher: Not Hard for a Hacker to Capsize a Ship at Sea

Password Manager Firms Blast Back at ‘Leaky Password’ Revelations

New GandCrab Decryptor Unlocks Files of Updated Ransomware

When Cyberattacks Pack a Physical Punch

Subscribe to Threatpost Today

Subscribe to our newsletter, Threatpost Today!

Topics

Authors

Threatpost

InfoSec Insider Post

Sponsored Post

**Subscribe to our Threatpost Today newsletter**