all InfoSec News
Shadow Linking: The Persistence Vector of SaaS Identity Threat
Security Boulevard securityboulevard.com
Executive Summary The Obsidian Security Research Team has uncovered a persistence attack vector, Shadow Linking, which allows threat actors to gain persistent access via OpenID Connect (OIDC) login to victims’ SaaS accounts stealthily. Employees may also abuse this technique to maintain persistent access to company resources even after their offboarding. Many applications lack adequate defenses […]
The post Shadow Linking: The Persistence Vector of SaaS Identity Threat appeared first on Obsidian Security.
The post Shadow Linking: The …
abuse access accounts attack attack vector connect employees executive featured identity identity threat login may obsidian obsidian security offboarding oidc openid openid connect persistence persistent research resources saas security security advisories security guidance security research shadow team threat threat actors uncovered vector