identity provider

SAML Post-Intrusion Attack Mirrors ‘Golden Ticket’

A proof-of-concept attack demonstrates how adversaries can abuse the Security Assertion Markup Language framework to go unnoticed and assume multiple user identities.

Slack Plugs ‘Severe’ SAML User Authentication Hole

Cloud-based communications platform Slack finished patching a severe security hole Thursday affecting portions of its platform that used Security Assertion Markup Language for user authentication.

The first stop for security news | Threatpost

identity provider

SAML Post-Intrusion Attack Mirrors ‘Golden Ticket’

Slack Plugs ‘Severe’ SAML User Authentication Hole

Editor's Picks

Google Expands Bug-Bounty Program to Battle Abuse Methods

Open MQTT Servers Raise Physical Threats in Smart Homes

Google Chrome Bug Opens Access to Private Facebook Information

Microsoft Cortana Flaw Allows Web Browsing on Locked PCs

BlackIoT Botnet: Can Water Heaters, Washers Bring Down the Power Grid?

The first stop for security news | Threatpost

Topics

Authors

Threatpost

Subscribe to our Threatpost Today newsletter

identity provider

SAML Post-Intrusion Attack Mirrors ‘Golden Ticket’

Slack Plugs ‘Severe’ SAML User Authentication Hole

Editor's Picks

Google Expands Bug-Bounty Program to Battle Abuse Methods

Open MQTT Servers Raise Physical Threats in Smart Homes

Google Chrome Bug Opens Access to Private Facebook Information

Microsoft Cortana Flaw Allows Web Browsing on Locked PCs

BlackIoT Botnet: Can Water Heaters, Washers Bring Down the Power Grid?

Subscribe to Threatpost Today

Subscribe to our newsletter, Threatpost Today!

The first stop for security news | Threatpost

Topics

Authors

Threatpost

**Subscribe to our Threatpost Today newsletter**