Bleeping Computer

Golden SAML Attack Lets Attackers Forge Authentication to Cloud Apps

A new technique called "Golden SAML" lets attackers forge authentication requests and access the cloud-based apps of companies that use SAML-compatible domain controllers (DCs) for the authentication ...
Dark Reading

Learn SAML: The Language You Don't Know You're Already Speaking

Security Assertion Markup Language (SAML): You may have heard of it. You've likely used it at least once today to log into a website portal or enterprise application ...
Business Wire

Zoho Vault Delivers SAML-Based Single Sign-On for Cloud Apps

PLEASANTON, Calif.--(BUSINESS WIRE)--Zoho today announced SAML-based single sign-on (SSO) support for cloud applications in Zoho Vault, its online password manager for teams. With enterprises rushing ...
Threat Post

Office 365 Vulnerability Exposed Any Federated Account

Microsoft in January patched a severe Office 365 vulnerability that exposed accounts whose domains were configured as federated. A severe vulnerability in the way Microsoft Office 365 handles ...
secureidnews.com

Why the future of authentication isn’t SAML

The future of authentication will not rely on SAML, but with OpenID Connect and OAuth 2 instead, Dave Kearns contends in a blog post for KuppingerCole. SAML, or Security Assertion Markup Language, is ...
Network World

Boeing lets single sign-on project fly

SAN FRANCISCO – Boeing last week made public the first phase of a standards-based identity management project that could serve as an industry model for integrating single sign-on access controls ...