Mandiant finds way to recover active ADFS signing keys
By
[email protected] (Mark Tarre)
6h agoen
Source
IT Brief UKMandiant finds way to recover active ADFS signing keysitbrief.co.ukFirms with manually rotated ADFS certificates could still be exposed, as attackers may recover live signing keys and forge SAML logins.
You might also wanna read
Attackers exploited passwords stored in Active Directory description fields to deploy ransomware
Attackers used a phishing campaign and the Sliver offensive tool to steal credentials, then queried Active Directory where they discovered p
Security firm reveals how passwords stored in Active Directory description fields led to full compromise
A security firm executive recounts an incident where an organization stored all user passwords in plaintext within Active Directory descript
BSides Brisbane 2026: SANS Researcher Jason Blanchard Unveils Active Directory Certificate Services Zero-Day Vulnerability
At BSides Brisbane 2026, SANS Institute's Jason Blanchard uncovered a significant zero-day vulnerability in Active Directory Certificate Ser
undercodetesting.com·3d agoAnalysis of ATProto Key Management Issues and Account Recovery Problems
The author recounts their experience with ATProto's key management system, where they lost access to their account due to a key rotation iss
notes.nora.codes·5mo ago
CISA Orders Emergency Patching for Actively Exploited Cisco Unified CM SSRF Vulnerability
CISA has ordered urgent patching for an actively exploited SSRF vulnerability (CVE-2026-20230) in Cisco Unified Communications Manager and U

WAF - WAF Release - 2025-08-18
Cloudflare·10mo ago

Comments
Sign in to join the conversation.
No comments yet. Be the first.