'Silver SAML' Haunts Entra ID SIngle Sign On Security

Moving From AFDS to Avoid 'Golden SAML' Wasn't A Cure-All
A post-SolarWinds move away from Active Directory Federation Services to Azure AD - now known as Entra ID - didn't necessarily stop hackers from forging single sign on authentication messages, warn security researchers from Semperis, who unveiled an attack they dub "Silver SAML."

active directory attack authentication azure azure ad directory entra entra id federation golden hackers messages moving researchers saml security security researchers semperis services sign silver single solarwinds