Shadow Linking: The Persistence Vector of SaaS Identity Threat

Shadow Linking: The Persistence Vector of SaaS Identity Threat

Executive Summary The Obsidian Security Research Team has uncovered a persistence attack vector, Shadow Linking, which allows threat actors to gain persistent access via OpenID Connect (OIDC) login to victims’ SaaS accounts ...
Dissecting Real World Help Desk Social Engineering Attacks

Dissecting Real World Help Desk Social Engineering Attacks

Social engineering attacks have evolved significantly, and one of the most concerning trends is the targeting of help desk agents. These attacks exploit human vulnerability, bypassing technical safeguards to gain unauthorized access ...
Emerging Identity Threats: The Muddy Waters of Residential Proxies

Emerging Identity Threats: The Muddy Waters of Residential Proxies

While the goals of various adversary groups may not change drastically over time, their TTPs will. Effective techniques for initial access, post-authentication activity, and dwell time within a target tenant are an ...
Emerging Identity Threats: The Muddy Waters of Residential Proxies

Emerging Identity Threats: The Muddy Waters of Residential Proxies

While the goals of various adversary groups may not change drastically over time, their TTPs will. Effective techniques for initial access, post-authentication activity, and dwell time within a target tenant are an ...
Rethinking Identity Threat Detection: Don’t Rely on IP Geolocation

Rethinking Identity Threat Detection: Don’t Rely on IP Geolocation

SOC teams frequently look to the IP geolocation to determine whether an alert or activity poses a genuine threat.  However, with the changing threat landscape, relying solely on this information is no ...
Risky Business: How HR Tech is Contributing to SaaS Risks

Risky Business: How HR Tech is Contributing to SaaS Risks

In today’s digital-first world, individuals are bringing B2C behaviors into the B2B sphere. Just as someone might casually share personal login details with platforms like Turbotax for tax filing, many are now ...
SaaS Under Siege: Nation-State Actors Target Identities

SaaS Under Siege: Nation-State Actors Target Identities

TL;DR – Like bank robbers and banks, nation-state actors are now targeting SaaS because that’s where the currency is. Plus, now it’s even easier than traditional endpoint compromise. In case you missed ...

Firefox 122 Released with 15 Security Fixes

Mozilla released the new version of its popular browser, Firefox 122, on January 23, 2024. It came 1 month and 5 days after the previous Firefox 121 and brings several new features ...

Patch Tuesday: Intel and AMD Disclose 130+ Vulnerabilities

In the cybersecurity world, the second Tuesday of every month is a significant date marked by the release of security updates known as Patch Tuesday. This monthly event sees major technology players ...
Detecting AiTM Phishing Sites with Fuzzy Hashing

Detecting AiTM Phishing Sites with Fuzzy Hashing

| | FEATURED, Security Advisories
Background In this blog, we will cover how Obsidian detects phishing kits or Phishing-as-a-Service (PhaaS) websites for our customers by analyzing the fuzzy hashes of visited website content. This concept draws from ...