Bleeping Computer

Golden SAML Attack Lets Attackers Forge Authentication to Cloud Apps

A new technique called "Golden SAML" lets attackers forge authentication requests and access the cloud-based apps of companies that use SAML-compatible domain controllers (DCs) for the authentication ...
Dark Reading

Learn SAML: The Language You Don't Know You're Already Speaking

Security Assertion Markup Language (SAML): You may have heard of it. You've likely used it at least once today to log into a website portal or enterprise application ...
GeekWire

How the SolarWinds hackers are targeting cloud services in unprecedented cyberattack

[Editor’s Note: Independent security consultant Christopher Budd worked previously in Microsoft’s Security Response Center for 10 years.] Analysis: To understand where the SolarWinds attackers are ...
Business Wire

Zoho Vault Delivers SAML-Based Single Sign-On for Cloud Apps

PLEASANTON, Calif.--(BUSINESS WIRE)--Zoho today announced SAML-based single sign-on (SSO) support for cloud applications in Zoho Vault, its online password manager for teams. With enterprises rushing ...
secureidnews.com

Why the future of authentication isn’t SAML

The future of authentication will not rely on SAML, but with OpenID Connect and OAuth 2 instead, Dave Kearns contends in a blog post for KuppingerCole. SAML, or Security Assertion Markup Language, is ...
Threat Post

Office 365 Vulnerability Exposed Any Federated Account

Microsoft in January patched a severe Office 365 vulnerability that exposed accounts whose domains were configured as federated. A severe vulnerability in the way Microsoft Office 365 handles ...
CSOonline

Turbo-charging your single sign-on solution

Many mid-to-large sized organizations and a fast-growing segment of SMBs have embraced and deployed one of the many single sign on (SSO) solutions available. In simplest terms, SSO is a session and ...