Rising Tide of Software Supply Chain Attacks: An Urgent Problem

September 12, 2024 at 10:08AM

Software supply chain attacks have become a major concern, with a 180% surge in vulnerability-based breaches in 2023. High-profile attacks like SolarWinds and Okta highlight the significant impact and lingering liabilities. Understanding and mitigating these attacks is crucial, involving processes such as SSCS and continuous code scanning to secure software …

Echoes of SolarWinds in New ‘Silver SAML’ Attack Technique

February 29, 2024 at 06:08AM

The SolarWinds attack involved the use of the “Golden SAML” technique to forge SAML response tokens and gain access to enterprise networks. Researchers at Semperis have now identified a new version called “Silver SAML,” which does not require access to ADFS and can work with Microsoft Entra ID and other identity …