Bleeping Computer

Golden SAML Attack Lets Attackers Forge Authentication to Cloud Apps

A new technique called "Golden SAML" lets attackers forge authentication requests and access the cloud-based apps of companies that use SAML-compatible domain controllers (DCs) for the authentication ...
Dark Reading

GitLab Warns of Max Severity Authentication Bypass Bug

Organizations with self-hosted GitLab instances configured for SAML-based authentication might want to update immediately to new versions of the DevOps platform that the company released this week.
Dark Reading

Learn SAML: The Language You Don't Know You're Already Speaking

Security Assertion Markup Language (SAML): You may have heard of it. You've likely used it at least once today to log into a website portal or enterprise application ...
Security Boulevard

The Complete Guide to Authentication Implementation for Modern Applications

A comprehensive developer guide to implementing secure authentication in modern applications. Covers OAuth 2.0, OIDC, ...

Fortinet unearths another critical bug as SSO accounts borked post-patch

More work for admins on the cards as they await a full dump of fixes Things aren't over yet for Fortinet customers – the ...
secureidnews.com

Why the future of authentication isn’t SAML

The future of authentication will not rely on SAML, but with OpenID Connect and OAuth 2 instead, Dave Kearns contends in a blog post for KuppingerCole. SAML, or Security Assertion Markup Language, is ...
Business Wire

Zoho Vault Delivers SAML-Based Single Sign-On for Cloud Apps

PLEASANTON, Calif.--(BUSINESS WIRE)--Zoho today announced SAML-based single sign-on (SSO) support for cloud applications in Zoho Vault, its online password manager for teams. With enterprises rushing ...