The simplest attacks are often the most effective. In most companies, webmail access portals are exposed on the internet and do not always benefit from sufficient access-control mechanisms. In addition, some messaging services offer extended features that go beyond simple…
An attack technique, christened “Golden SAML”, has recently been documented in an article published on CyberArk’s blog. Although novel in the way it is carried out, the attack presented here makes use of a tried and tested principle. This attack…
