{"id":5859,"date":"2017-11-27T11:36:20","date_gmt":"2017-11-27T17:36:20","guid":{"rendered":"http:\/\/allidm.com\/blog\/?p=5859"},"modified":"2017-11-27T13:26:54","modified_gmt":"2017-11-27T19:26:54","slug":"golden-saml-attack-lets-attackers-forge-authentication-to-cloud-apps","status":"publish","type":"post","link":"https:\/\/allidm.com\/blog\/golden-saml-attack-lets-attackers-forge-authentication-to-cloud-apps\/","title":{"rendered":"Golden SAML Attack Lets Attackers Forge Authentication to Cloud Apps"},"content":{"rendered":"

Golden SAML Attack Lets Attackers Forge Authentication to Cloud Apps<\/h2>\n

A new technique called “Golden SAML” lets attackers forge authentication requests and access the cloud-based apps of companies that use SAML-compatible domain controllers (DCs) for the authentication of users against cloud services.<\/p>\n

Golden SAML is not a tool that hackers can use to break into secure enterprises but is a technique used after an attacker has compromised a company.<\/p>\n

The name of this technique was not chosen at random, being a variation of the “Golden Ticket” attack, also known as Pass-the-Ticket. Discovered and detailed by Benjamin Delpy, the author of the Mimikatz tool, the Golden Ticket attack relies on an attacker compromising a Kerberos server and using it to forge authentication tickets for apps that use that Kerberos server for authentication.<\/p>\n

Read more at – Golden SAML Attack Lets Attackers Forge Authentication to Cloud Apps<\/a><\/p>\n

\"Allidm<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"

Golden SAML Attack Lets Attackers Forge Authentication to Cloud Apps A new technique called “Golden SAML” lets attackers forge authentication requests and access the cloud-based apps of companies that use SAML-compatible domain controllers (DCs) for the authentication of users against cloud services. Golden SAML is not a tool that hackers can use to break into […]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"nf_dc_page":"","_jetpack_newsletter_access":"","_jetpack_dont_email_post_to_subs":false,"_jetpack_newsletter_tier_id":0,"_jetpack_memberships_contains_paywalled_content":false,"_jetpack_memberships_contains_paid_content":false,"footnotes":""},"categories":[1227,210,88],"tags":[102,492,1819],"class_list":["post-5859","post","type-post","status-publish","format-standard","hentry","category-access-manager","category-cloud-2","category-identity-space","tag-cloud-identity","tag-saml","tag-saml-attack"],"jetpack_featured_media_url":"","jetpack_shortlink":"https:\/\/wp.me\/p25vfy-1wv","jetpack_sharing_enabled":true,"_links":{"self":[{"href":"https:\/\/allidm.com\/blog\/wp-json\/wp\/v2\/posts\/5859","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/allidm.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/allidm.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/allidm.com\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/allidm.com\/blog\/wp-json\/wp\/v2\/comments?post=5859"}],"version-history":[{"count":1,"href":"https:\/\/allidm.com\/blog\/wp-json\/wp\/v2\/posts\/5859\/revisions"}],"predecessor-version":[{"id":5860,"href":"https:\/\/allidm.com\/blog\/wp-json\/wp\/v2\/posts\/5859\/revisions\/5860"}],"wp:attachment":[{"href":"https:\/\/allidm.com\/blog\/wp-json\/wp\/v2\/media?parent=5859"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/allidm.com\/blog\/wp-json\/wp\/v2\/categories?post=5859"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/allidm.com\/blog\/wp-json\/wp\/v2\/tags?post=5859"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}