NIST's guidance for a Zero Trust Architecture

Recent AD News

Solarigate attacks: Here’s what Microsoft wants you to do

Following the SolarWinds Orion-based software attack, Microsoft last month recommended security measures for IT pros to consider.

Microsoft has been compiling a list of tips to identify such attacks at its Microsoft Security Response Center’s Solorigate page.

The articles on security recommendations were mostly written by Alex Weinert, director of identity security at Microsoft. In this article written by Weinert on the Active Directory identity verification process, he says that the resources using SAML tokens should be considered a possible risk. This issue is not specific to a software vendor, he added:

Any resource which trusts a customer’s compromised SAML token signing certificate should be considered at risk. The SAML attack is not specific to any particular identity system or identity vendor you use. It impacts any vendor’s on-premises or cloud identity system, and any resources that depend on industry-standard SAML identity federation. Along with this, Weinert also gave multiple tips to IT pros. He also directed IT pros whose organizations use the Azure AD service, to a workbook that can be used with Azure Monitor solution. He said it can come in really handy to find “indicators of compromise”.

Related posts
Recent AD News

2020 recorded the highest number of CVE’s to ever be reported

Recent AD News

Microsoft announces Azure Best Practices and Launches Conditional Access Enhancements

Recent AD News

Accellion Zero-Days Responsible for Recent Data Theft and Extortion Attacks

Recent AD News

SolarWinds Puts the Blame on their Intern for the Supply Chain Attack

Leave a Reply

Your email address will not be published. Required fields are marked *