Researchers have disclosed a new attack technique, "Silver SAML," targeting applications that use cloud identity providers such as Microsoft Entra ID.

The Tidyverse Blog offers insights, tutorials, and updates on the Tidyverse, a collection of R packages for data science and statistical computing. Covering topics such as data manipulation, visualization, and analysis, the blog provides resources for R developers looking to leverage the power of the Tidyverse for their data projects. Developers can learn how to use Tidyverse packages effectively to clean, transform, and analyze data in R.

The Hacker News

Researchers have disclosed a new attack technique called Silver SAML that can bypass defenses against Golden SAML attacks. It enables the exploitation of SAML for launching attacks against applications like Salesforce. Silver SAML works with Microsoft Entra ID and doesn't require access to the Active Directory Federation Services (AD FS). Microsoft has been notified about the issue and organizations are advised to use Entra ID self-signed certificates for SAML signing.

New Silver SAML Attack Evades Golden SAML Defenses in Identity Systems