Threat Post

Office 365 Vulnerability Exposed Any Federated Account

Microsoft in January patched a severe Office 365 vulnerability that exposed accounts whose domains were configured as federated. A severe vulnerability in the way Microsoft Office 365 handles ...
CSOonline

How SAML works and enables single sign-on

What is SAML and what is it used for? The Security Assertion Markup Language (SAML) is an open standard that allows security credentials to be shared by multiple computers across a network. It ...
Dark Reading

SAML Flaw Lets Hackers Assume Users' Identities

A newly discovered vulnerability lets attackers take advantage of single sign-on (SSO) systems relying on Security Assertion Markup Language (SAML) and authenticate as another user without knowing his ...
Bleeping Computer

Golden SAML Attack Lets Attackers Forge Authentication to Cloud Apps

A new technique called "Golden SAML" lets attackers forge authentication requests and access the cloud-based apps of companies that use SAML-compatible domain controllers (DCs) for the authentication ...
Redmond Magazine

Azure Active Directory Proxy Service Now Supports SAML Identity

Microsoft announced on Tuesday that the Azure Active Directory (AD) Application Proxy service now works with applications that use the Security Assertion Markup Language (SAML) 2.0 for user ...