What is Golden SAML?

The Golden SAML threat vector enables an attacker to create a forged SAML “authentication object,” and authenticate across every service that uses SAML 2.0 protocol as an SSO mechanism. In a golden SAML attack, the attacker can gain access to any application that supports SAML authentication (e.g. Azure, AWS, vSphere, etc.) with any privileges they … Continue reading What is Golden SAML?

Secure Networks Vidcast with Mike Morris from Endace

I had the fantastic opportunity to have a recorded video chat (a vidcast) with Mike Morris the Global Director of Business Development at Endace recently. Endace is in my mind the market leader when it comes to network packet capture solutions. They have really evolved network packet technology from its roots in open source TCPdump … Continue reading Secure Networks Vidcast with Mike Morris from Endace

Inference, Aggregation, and Safe Cracking

I'm studying for the CISSP exam. Inference and aggregation are means used to take low level or partial information and use that to derive higher level information. Inference requires deduction. The lower level information provides clues. Aggregation is a mathematical or mechanical process. Apply inference and aggregation to safe cracking (or lock picking). Using inference … Continue reading Inference, Aggregation, and Safe Cracking