What is Golden SAML?

The Golden SAML threat vector enables an attacker to create a forged SAML “authentication object,” and authenticate across every service that uses SAML 2.0 protocol as an SSO mechanism. In a golden SAML attack, the attacker can gain access to any application that supports SAML authentication (e.g. Azure, AWS, vSphere, etc.) with any privileges they … Continue reading What is Golden SAML?

Google to Prioritize Secure Websites

BBC News is reporting today that Google has updated their search engine algorithm to provide a higher rank to websites that use HTTPS.  The web news site Gigaom explains further that the algorithm identifies web sites that use HTTPS / TLS and uses it as a 'light factor' that impacts less than 1% of global queries.