That is a big problem, as they inevitably reuse the same password everywhere, chain together personal information like kids’ names and brazil telegram data 30 million birthdays, or create “minimally-viable” passwords like Aa123456 to bypass requirements.
of passwords is single sign-on (SSO), which allows employees to authenticate into any number of SaaS apps with a single set of centrally managed credentials stored with a cloud-based identity provider (IdP). SSO has ended up being a blessing for IT and DevOps teams, as it eliminates password fatigue, gives them more control, and frees them from having to constantly help hapless peers through password resets.
Still, SSO isn’t without its dangers
First, you must abstract credentials to your IdP, which reduces your visibility and more easily allows misconfigurations to creep in without being caught. Second, 67% of organizations sync their on-premises passwords to their cloud IdP using insecure methods according to Silverfort, creating an entirely new attack vector that wouldn’t exist if you didn’t need the security benefits of SSO for other reasons.
Their team writes, “This underground
exposure could also provide attackers with practical training on rea direct access to your SaaS environment.” In other words, the connection between your on-premises identity service and cloud-based IdP is the perfect environment for lateral movement.
How threat actors move laterally toward SaaS data
Much like a good movie heist, and no agb directory matter the target or architecture threat actors are working with, the process for laying the groundwork and striking is almost always the same.
