Infosecurity-magazine.com

SAML - The Vital Hidden Ingredient in Effective Single Sign-On

SAML stands for ‘Security Assertion Markup Language’ and is a protocol that allows the exchange of authentication and authorization data between an identity provider and a service provider. There are ...
Bleeping Computer

Critical Golang XML parser bugs can cause SAML authentication bypass

This week, Mattermost, in coordination with Golang has disclosed 3 critical vulnerabilities within Go language's XML parser. If exploited, these vulnerabilities, also impacting multiple Go-based SAML ...
CSOonline

If you are generating SAML signing certificates externally, STOP!

SAML authentication certificates, generated with tools other than dedicated cloud identity solutions, can be forged by hackers, according to a new proof of concept. There is now a way to forge ...