SAML

Pierluigi Paganini December 29, 2020
SolarWinds hackers aimed at access to victims’ cloud assets

Microsoft says that SolarWinds hackers aimed at compromising the victims’ cloud infrastructure after deploying the Solorigate backdoor (aka Sunburst). The Microsoft 365 Defender Team revealed that the goal of the threat actors behind the SolarWinds supply chain attack was to move to the victims’ cloud infrastructure once infected their network with the Sunburst/Solorigate backdoor. “With […]

Pierluigi Paganini December 19, 2020
NSA warns of cloud attacks on authentication mechanisms

The US National Security Agency (NSA) warns of two techniques abused by threat actors for escalating attacks from local networks to cloud infrastructure. The US National Security Agency has published a security advisory that describes two techniques abused in recent attacks against cloud infrastructure. The attack techniques are abused by hackers are using to escalate […]

Pierluigi Paganini October 31, 2019
eIDAS flaws allowed attackers to impersonate any EU citizen or business

European authorities have addressed two security vulnerabilities affecting the eIDAS (electronic IDentification, Authentication and trust Services) system. European authorities have released security updates (v2.3.1) for its eIDAS (electronic IDentification, Authentication and trust Services) system that addressed two security vulnerabilities. ‘The electronic IDentification, Authentication and trust Services‘ is an EU regulation on / a set of standards for electronic identification and trust […]

Pierluigi Paganini April 23, 2018
CVE-2018-0229 flaw in SAML implementation threatens Firepower, AnyConnect and ASA products

Cisco has announced a set of security patches that address the CVE-2018-0229 vulnerability in its implementation of the Security Assertion Markup Language (SAML). The CVE-2018-0229 flaw could be exploited by an unauthenticated, remote attacker to establish an authenticated AnyConnect session through an affected device running ASA or FTD Software. “A vulnerability in the implementation of Security […]