eWeek

Duo Security Discloses SAML Single Sign On Vulnerabilities

eSpeaks' Corey Noles talks with Rob Israch, President of Tipalti, about what it means to lead with Global-First Finance and how companies can build scalable, compliant operations in an increasingly ...
Dark Reading

SAML Flaw Lets Hackers Assume Users' Identities

A newly discovered vulnerability lets attackers take advantage of single sign-on (SSO) systems relying on Security Assertion Markup Language (SAML) and authenticate as another user without knowing his ...
Threat Post

Office 365 Vulnerability Exposed Any Federated Account

Microsoft in January patched a severe Office 365 vulnerability that exposed accounts whose domains were configured as federated. A severe vulnerability in the way Microsoft Office 365 handles ...
Redmond Magazine

Azure Active Directory Proxy Service Now Supports SAML Identity

Microsoft announced on Tuesday that the Azure Active Directory (AD) Application Proxy service now works with applications that use the Security Assertion Markup Language (SAML) 2.0 for user ...
Bleeping Computer

Golden SAML Attack Lets Attackers Forge Authentication to Cloud Apps

A new technique called "Golden SAML" lets attackers forge authentication requests and access the cloud-based apps of companies that use SAML-compatible domain controllers (DCs) for the authentication ...