Malicious cyber actors are abusing trust in federated authentication environments to access protected data. An “on premises” federated identity provider or single sign-on (SSO) system lets an ...
Microsoft in January patched a severe Office 365 vulnerability that exposed accounts whose domains were configured as federated. A severe vulnerability in the way Microsoft Office 365 handles ...
A new technique called "Golden SAML" lets attackers forge authentication requests and access the cloud-based apps of companies that use SAML-compatible domain controllers (DCs) for the authentication ...
The future of authentication will not rely on SAML, but on OpenID Connect and OAuth 2 instead, Dave Kearns contends in a blog post for KuppingerCole. SAML, or Security Assertion Markup Language, is ...
An attacker-modified update to the SolarWinds Orion network management product that compromised thousands of companies and government agencies is likely not the only way Russian attackers infiltrated ...
The US National Security Agency published a security advisory on Thursday warning about two techniques hackers are using to escalate access from compromised local networks into cloud-based ...
Black Hat Europe 2025: Multiple hacking techniques allow researchers to bypass XML signature validation while still presenting valid SAML documentation to an application. Researchers have uncovered ...