Oh boy, #goldenSAML comes with a heavy story: https://www.propublica.org/article/microsoft-solarwinds-golden-saml-data-breach-russian-hackers

I lost count, were the leaked private key & password spraying vulns different streams down this huge-pile-of-whoopsie?

Whistleblower Says Microsoft Dismissed Warnings About a Security Flaw That Russians Later Used to Hack U.S. Government

Former employee says software giant dismissed his warnings about a critical flaw because it feared losing government business. Russian hackers later used the weakness to breach the National Nuclear Security Administration, among others.

ProPublica

Are MSA keys owned and protected by #Microsoft or customers? They seem to dance around the issue and it’s worded differently than with #GoldenSAML attacks where an ADFS server is compromised or a new trusted added to Azure.

Anyone know of more details? #Storm-0558

https://msrc.microsoft.com/blog/2023/07/microsoft-mitigates-china-based-threat-actor-storm-0558-targeting-of-customer-email/

Microsoft mitigates China-based threat actor Storm-0558 targeting of customer email | MSRC Blog | Microsoft Security Response Center

Risks Using a Third Party Identity Provider with Azure
~~~~~
ACM.177 Did the US government say you should not use third-party Identity Providers with Azure?
~~~~~
by Teri Radichel | Mar, 2023
#cloudsecurity #idp #identityprovider #azure #cybersecurity #goldensaml

https://medium.com/cloud-security/risks-using-a-third-party-identity-provider-with-azure-ea3a90013ce0

I was recently informed by someone that the US government recommends against using a third-party Identity Provider with Azure. He pointed me to this document at the end of the post so I could read…

Cloud Security
Practical guide for Golden SAML

Practical guide step by step to create golden SAML

Nodauf