A new SAML vulnerability could allow cybercriminals to hijack an organisation's single sign-on (SSO) and access private data. The flaw, discovered by Duo Security and US-CERT, lies in the SAML protocol used by all SSO implementations from cloud providers and internal applications. It allows an attacker to access users' accounts without needing their passwords, so no phishing campaign is required: the attacker simply exploits the SSO provider directly.
The Duo Labs technical report is available here, and the CERT/CC advisory is here.
The original Bleeping Computer article is here.
To see a new way to manage security against threats, see our “brAIn box”.