Andrew Harris identified the Golden SAML flaw in Microsoft's ADFS in 2016, allowing attackers to access systems undetected, affecting millions, including the US government.
Harris warned Microsoft about the vulnerability, but the MSRC declined to fix it, leading to the flaw being part of the SolarWinds attacks affecting thousands of organizations.
Collection
[
|
...
]