Bleeping Computer

GitLab releases fix for critical SAML authentication bypass flaw

GitLab has released security updates to address a critical SAML authentication bypass vulnerability impacting self-managed installations of the GitLab Community Edition (CE) and Enterprise Edition (EE ...
CSOonline

How SAML works and enables single sign-on

What is SAML and what is it used for? The Security Assertion Markup Language (SAML) is an open standard that allows security credentials to be shared by multiple computers across a network. It ...
Bleeping Computer

Critical Golang XML parser bugs can cause SAML authentication bypass

This week, Mattermost, in coordination with Golang has disclosed 3 critical vulnerabilities within Go language's XML parser. If exploited, these vulnerabilities, also impacting multiple Go-based SAML ...
CSOonline

If you are generating SAML signing certificates externally, STOP!

SAML authentication certificates, generated with tools other than dedicated cloud identity solutions, can be forged by hackers, according to a new proof of concept. There is now a way to forge ...