Forging identity in the cloud – dissecting Silver SAML

An attack method used to forge identities by faking Security Assertion Markup Language (SAML) has been with us for years. But now threat actors have raised their game, targeting Microsoft's Entra ID service, which is extensively used by major cloud services.