ManageEngine x Forrester | Workforce Identity Platforms Landscape Report

Recent AD News

Solarigate attacks: Here’s what Microsoft wants you to do

Following the SolarWinds Orion-based software attack, Microsoft last month recommended security measures for IT pros to consider.

Microsoft has been compiling a list of tips to identify such attacks at its Microsoft Security Response Center’s Solorigate page.

The articles on security recommendations were mostly written by Alex Weinert, director of identity security at Microsoft. In this article written by Weinert on the Active Directory identity verification process, he says that the resources using SAML tokens should be considered a possible risk. This issue is not specific to a software vendor, he added:

Any resource which trusts a customer’s compromised SAML token signing certificate should be considered at risk. The SAML attack is not specific to any particular identity system or identity vendor you use. It impacts any vendor’s on-premises or cloud identity system, and any resources that depend on industry-standard SAML identity federation. Along with this, Weinert also gave multiple tips to IT pros. He also directed IT pros whose organizations use the Azure AD service, to a workbook that can be used with Azure Monitor solution. He said it can come in really handy to find “indicators of compromise”.

Related posts
Recent AD News

Chinese hacker group 'Naikon' strikes again: Targets ASEAN nations

Recent AD News

Bumblebee: A new malware loader on the prowl

Recent AD News

FBI issues alert: A lethal ransomware that breached 60 companies

Recent AD News

Israel's Pegasus spyware finds a new target

×

There are over 8,500 people who are getting towards perfection in Active Directory, IT Management & Cyber security through our insights from Identitude.

Wanna be a part of our bimonthly curation of IAM knowledge?

  • -Select-
  • By clicking 'Become an insider', you agree to processing of personal data according to the Privacy Policy.