security-log.hatenablog.com
vul.hatenadiary.com
【ブログ】
◆Golden SAML: Newly Discovered Attack Technique Forges Authentication to Cloud Apps (CyberArk, 2017/11/21)
[Golden SAML。新たに発見された攻撃手法が、クラウドアプリに対し認証情報を偽造する]
https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
⇒ https://malware-log.hatenablog.com/entry/2017/11/21/000000_8
◆Golden SAML Revisited: The Solorigate Connection (CyberArk, 2020/12/29)
[Golden SAMLの再訪: Solorigateとの接続]
https://www.cyberark.com/resources/threat-research-blog/golden-saml-revisited-the-solorigate-connection
⇒ https://malware-log.hatenablog.com/entry/2020/12/29/000000_2
◆Detection and Hunting of Golden SAML Attack (SYGNIA, 2020/12)
[Golden SAML攻撃の検出とハンティング]
https://www.sygnia.co/golden-saml-advisory
⇒ https://malware-log.hatenablog.com/entry/2020/12/31/000000
◆A Golden SAML Journey: SolarWinds Continued (Splunk, 2021/01/08)
https://www.splunk.com/en_us/blog/security/a-golden-saml-journey-solarwinds-continued.html
⇒ https://malware-log.hatenablog.com/entry/2021/01/08/000000_5
◆Remediation and Hardening Strategies for Microsoft 365 to Defend Against UNC2452 (FireEye, 2021/01/19)
[UNC2452に対抗するためのMicrosoft 365の修復と要塞化戦略]
https://www.fireeye.com/blog/threat-research/2021/01/remediation-and-hardening-strategies-for-microsoft-365-to-defend-against-unc2452.html
⇒ https://malware-log.hatenablog.com/entry/2021/01/19/000000_1
【関連情報】
◆Golden Ticket (まとめ)
https://malware-log.hatenablog.com/entry/GoldenTicket
◆SAML (まとめ) [TT SEcurity Log]
https://security-log.hatenablog.com/entry/SAML
【関連まとめ記事】
◆攻撃手法 (まとめ)
https://malware-log.hatenablog.com/entry/Attack_Method
